Listen to this Post
How the CVE Works
CVE-2025-36004 exploits an unqualified library call in IBM Facsimile Support for i, allowing attackers to execute arbitrary code with elevated privileges. The vulnerability arises when the system fails to properly validate library paths, enabling a malicious actor to inject a rogue library into the execution chain. By placing a crafted library in a directory with higher search precedence, the attacker forces the application to load their malicious code instead of the legitimate library. This results in privilege escalation, granting administrative control over the affected IBM i system.
DailyCVE Form
Platform: IBM i
Version: 7.2-7.5
Vulnerability: Privilege escalation
Severity: Critical
Date: 06/24/2025
Prediction: Patch by 08/2025
What Undercode Say
Analytics:
grep -r "unqualified library" /usr/include ldd /path/to/facsimile_binary
Exploit:
echo "malicious_code" > /tmp/rogue_lib.so export LIBPATH=/tmp:$LIBPATH
Protection from this CVE:
- Apply IBM security patches
- Restrict library path permissions
- Monitor unauthorized library loads
Impact:
- Full system compromise
- Unauthorized admin access
- Data exfiltration
Sources:
Reported By: nvd.nist.gov
Extra Source Hub:
Undercode
