CVE-2025-33136HIGH 8.8EPSS p20.2%

CVE-2025-33136CVE-2025-33136

Description

IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another user due to improper protection of assumed immutable data.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.29% probability of exploitation · percentile 20.2% · 2026-06-19T12:03:05Z
Published2025-05-22
Last modified2025-05-30

Underlying weaknesses· 1

CWE-471

References

  1. https://www.ibm.com/support/pages/node/7234114

1

TypeTargetConfidenceTier
WeaknessModification of Assumed-Immutable Data (MAID)cwe-4710%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-33137
CVE
CVE-2025-13379
CVE
CVE-2022-47986
CVE
CVE-2025-13481
CVE
CVE-2026-9035
CVE
CVE-2025-13214
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.