Summary: IBM has released a security bulletin addressing two critical vulnerabilities in the GUI of its Storage Virtualize products, allowing attackers to bypass authentication and execute arbitrary code. The vulnerabilities, identified as CVE-2025-0159 and CVE-2025-0160, have high CVSS base scores of 9.1 and 8.1 respectively. Users are advised to upgrade their systems to mitigate the risks associated with these vulnerabilities.
Affected: IBM Storage Virtualize and related products
Keypoints :
- Two vulnerabilities: CVE-2025-0159 (authentication bypass) and CVE-2025-0160 (arbitrary code execution).
- Critical CVSS scores: 9.1 for CVE-2025-0159 and 8.1 for CVE-2025-0160.
- Recommendations to upgrade to specific patched versions of affected IBM Storage Virtualize products.