Multiple vulnerabilities in IBM Storage Defender - Data Protect
| Risk | Critical |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2025-20260 CVE-2025-4517 CVE-2025-6965 CVE-2024-54661 CVE-2025-32911 CVE-2024-52533 |
| CWE-ID | CWE-787 CWE-22 CWE-119 CWE-377 CWE-416 CWE-193 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Storage Defender – Data Protect Other software / Other software solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Out-of-bounds write
EUVDB-ID: #VU111270
Risk: Critical
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Red]
CVE-ID: CVE-2025-20260
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can pass a specially crafted PDF file to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Defender – Data Protect: 2.0 - 2.0.18
CPE2.3- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0.1:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7253851
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Path traversal
EUVDB-ID: #VU111966
Risk: High
CVSSv4.0: 8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-4517
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to input validation error in the tarfile module when extracting files from an archive with filter="data". A remote attacker can pass specially crafted archive to the application and write files to arbitrary locations on the system outside the extraction directory.
MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Defender – Data Protect: 2.0 - 2.0.18
CPE2.3- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0.1:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7253851
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU113156
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-6965
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when processing aggregated terms. A remote attacker can pass specially crafted input to the application where the number of aggregate terms exceeds the number of columns available, trigger memory corruption and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Defender – Data Protect: 2.0 - 2.0.18
CPE2.3- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0.1:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7253851
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Insecure temporary file
EUVDB-ID: #VU101797
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-54661
CWE-ID:
CWE-377 - Insecure Temporary File
Exploit availability: No
DescriptionThe vulnerability allows a local user to overwrite arbitrary files on the system.
The vulnerability exists due to usage of a predictable temporary file name in readline.sh. A local user can create a symbolic link from the temporary file to an arbitrary files on the system and overwrite it with the application's output, corrupting the file.
Install update from vendor's website.
Vulnerable software versionsStorage Defender – Data Protect: 2.0 - 2.0.18
CPE2.3- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0.1:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7253851
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Use-after-free
EUVDB-ID: #VU109936
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-32911
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the soup_message_headers_get_content_disposition(). A remote attacker can trick the victim into visiting a specially crafted website and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Defender – Data Protect: 2.0 - 2.0.18
CPE2.3- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0.1:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7253851
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Off-by-one
EUVDB-ID: #VU100566
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-52533
CWE-ID:
CWE-193 - Off-by-one Error
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an off-by-one error in gio/gsocks4aproxy.c when handling responses from SOCKS4 proxy. A remote attacker can trick the victim into connecting to a malicious SOCKS4 proxy server, trigger an off-by-one error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Defender – Data Protect: 2.0 - 2.0.18
CPE2.3- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:storage_defender_–_data_protect:2.0.1:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7253851
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
