Main Vulnerability Database SB2025032108

SB2025032108 - Security restrictions bypass in IBM Security QRadar EDR

Published: March 21, 2025

Security Bulletin ID SB2025032108

CSH Severity

Low

Patch available

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Security features bypass (CVE-ID: CVE-2024-45644)

CWE-ID: CWE-254 - Security Features

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to software allows SMB file downloads, restricted to Administrator and Responder accounts. A local privileged user can bypass implemented security restrictions and download malicious files to the system.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://www.ibm.com/support/pages/node/7186613