IBM AIX Vulnerabilities Let Remote Attacker Execute Arbitrary Commands

By Abinaya
Publication Date: 2025-11-18 03:21:00

IBM has released critical security updates addressing two severe vulnerabilities in its AIX operating system that could allow remote attackers to execute arbitrary commands on affected systems.

Both vulnerabilities stem from improper process controls in essential IBM AIX services.

Critical Flaws in IBM AIX Services

The first vulnerability, CVE-2025-36251, affects the Nimsh service and its SSL/TLS implementations. This critical flaw could enable remote attackers to bypass security controls and execute unauthorized commands.

The vulnerability carries a CVSS base score of 9.6, indicating severe risk across network-accessible systems. The attack requires network access but no authentication or user interaction, making it particularly dangerous for exposed systems.

The second vulnerability, CVE-2025-36250, impacts the NIM server service (nimesis), formerly known as NIM master. This flaw is even more critical, receiving a perfect CVSS score of…