By Emma Woollacott
Publication Date: 2025-11-18 11:04:00
IBM has issued patches for four major flaws in IBM AIX and VIOS that allow a remote, unprivileged attacker to achieve arbitrary command execution on an exposed IBM Network Installation Manager (NIM).
The four vulnerabilities, tracked as CVE-2025-36250, CVE-2025-36251, CVE-2025-36236, and CVE-2025-36096, affect IBM AIX 7.2 and 7.3 as well as IBM VIOS 3.1 and 4.1 environments, with three of the four receiving a critical CVSS score.
All four flaws allow an attacker to ‘hijack’ unattended operating system installations and updates to deploy malicious payloads onto AIX hosts, move laterally, and persist in broader environments, according to an advisory from Mondoo.
“These four vulnerabilities on IBM AIX present a very serious threat because they allow a remote attacker with no privileges to perform arbitrary commands on an IBM Network Installation Manager (NIM) that’s exposed to the internet (which NIM servers typically are),” said Patrick Münch, Mondoo CSO.
“This…