CyberSecurityBoard
Sponsor Register Login

IBM Storage Virtualize Vulnerabilities Let Attackers Execute Arbitrary Code

These flaws enable attackers to bypass authentication and execute arbitrary code remotely via the graphical user interface (GUI), posing significant risks to enterprise storage environments. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. The vulnerabilities center on the RPCAdapter service, a component enabling remote procedure calls in IBM’s storage systems. IBM confirms the command-line interface (CLI) remains unaffected, as the vulnerabilities are isolated to GUI components interacting with the RPCAdapter service. She is covering various cyber security incidents happening in the Cyber Space. Once authenticated via CVE-2025-0159, adversaries can leverage CVE-2025-0160 (CVSS 8.1) to execute arbitrary Java code.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 04 Mar 2025 08:10:02 +0000


Cyber News related to IBM Storage Virtualize Vulnerabilities Let Attackers Execute Arbitrary Code

CVE-2022-36407 - Insertion of Sensitive Information into Log File vulnerability in Hitachi Virtual Storage Platform, Hitachi Virtual Storage Platform VP9500, Hitachi Virtual Storage Platform G1000, G1500, Hitachi Virtual Storage Platform F1500, Hitachi Virtual ...
1 year ago
How Secure Is Cloud Storage? Features, Risks, & Protection - Cloud storage is a cloud computing model that allows data storage on remote servers operated by a service provider, accessible via internet connections. Cloud storage utilizes remote servers accessed through the internet, while local storage saves ...
1 year ago Esecurityplanet.com
IBM Heron Quantum Chip, Quantum System Two - Next generation quantum processor dubbed 'Heron', and the modular IBM Quantum System Two unveiled by Big Blue. IBM has unveiled two new quantum developments, with a new series of utility-scale processors housed within a modular quantum system. At its ...
2 years ago Silicon.co.uk
Top 7 Cloud Storage Security Issues & Risks - Cloud storage security issues refer to the operational and functional challenges that organizations and consumers encounter when storing data in the cloud. Cloud storage risks involve potential external threats and vulnerabilities that jeopardize the ...
1 year ago Esecurityplanet.com
CVE-2009-3027 - VRTSweb.exe in VRTSweb in Symantec Backup Exec Continuous Protection Server (CPS) 11d, 12.0, and 12.5; Veritas NetBackup Operations Manager (NOM) 6.0 GA through 6.5.5; Veritas Backup Reporter (VBR) 6.0 GA through 6.6; Veritas Storage Foundation (SF) ...
7 years ago
Palo Alto Networks and IBM to Jointly Provide AI-Powered Security Offerings - PRESS RELEASE. SANTA CLARA, Calif. and ARMONK, N.Y., May 15, 2024 /PRNewswire/ - Palo Alto Networks, the global cybersecurity leader, and IBM, a leading provider of hybrid cloud and AI, today announced a broad-reaching partnership to deliver ...
1 year ago Darkreading.com
Cohesity Extends Collaboration to Strengthen Cyber Resilience With IBM Investment in Cohesity - PRESS RELEASE. SAN JOSE, Calif. - April 11, 2024 - Cohesity today announced a deepening of its cyber resilience collaboration with IBM. The enhanced relationship will accelerate the development of essential cyber resilience capabilities to address ...
1 year ago Darkreading.com
IBM Storage Virtualize Vulnerabilities Let Attackers Execute Arbitrary Code - These flaws enable attackers to bypass authentication and execute arbitrary code remotely via the graphical user interface (GUI), posing significant risks to enterprise storage environments. Cyber Security News is a Dedicated News Platform For Cyber ...
10 months ago Cybersecuritynews.com CVE-2025-0159
Azure Storage Utility Vulnerability Let Attackers Escalate Their Privileges to Root - The security flaw involves a classic privilege escalation method using a Set User ID (SUID) binary that is part of the AZNFS-mount utility installation, Varonis said in a report shared with Cyber Security News. This utility is designed to mount Azure ...
8 months ago Cybersecuritynews.com
Get a Lifetime of 1TB Cloud Storage for Only $80 With FolderFort - TL;DR: Get speedy, secure and user-friendly cloud storage with a lifetime subscription to the FolderFort 1TB Storage Pro Plan - it's currently on sale at 68% off for just $80. Cloud data storage is one of the most useful and convenient developments ...
1 year ago Techrepublic.com
A primer on storage anomaly detection - Anomaly detection plays an increasingly important role in data and storage management, as admins seek to improve security of systems. In response to these developments, more vendors incorporate storage anomaly detection capabilities into their ...
2 years ago Techtarget.com
25 Best Cloud Service Providers (Public and Private) in 2025 - Oracle Cloud offers a variety of services, including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS), to help organizations build, deploy, and run applications in the cloud. Oracle Cloud is a cloud ...
8 months ago Cybersecuritynews.com
CISOs Grapple With IBM's Unexpected Cybersecurity Software Exit - IBM's surprise departure from cybersecurity software this week didn't just rearrange the competitive landscape - it also reshuffled the procurement plans and vendor relationships for many CISOs rebuilding their SOCs. IBM has agreed to sell the QRadar ...
1 year ago Darkreading.com
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
1 year ago Securityaffairs.com
The Exploration of Static vs Dynamic Code Analysis - Two essential methodologies employed for this purpose are Static Code Analysis and Dynamic Code Analysis. Static Code Analysis involves the examination of source code without its execution. In this exploration of Static vs Dynamic Code Analysis, ...
2 years ago Feeds.dzone.com
CVE-2021-2319 - Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway (component: Management Console). The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged ...
4 years ago
CVE-2021-2318 - Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway (component: Management Console). The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged ...
4 years ago
CVE-2021-2317 - Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway (component: Management Console). The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows unauthenticated ...
4 years ago
CVE-2021-2320 - Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway (component: Management Console). The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged ...
4 years ago
CVE-2025-38502 - In the Linux kernel, the following vulnerability has been resolved: ...
4 months ago
Strobes 2023 Pentesting Recap: Trends, Stats, and How PTaaS is Transforming Cybersecurity - This article covers some amazing statistics on what category of vulnerabilities we commonly report across 100s of customers, and how we reduce compliance times and turn around time to reporting critical vulnerabilities. In a different article, we ...
2 years ago Securityboulevard.com
SharePoint 0-day Vulnerability Exploited in Wild by All Sorts of Hacker Groups - File Indicators of Compromise (IoCs) SHA-1FilenameDetectionDescriptionF5B60A8EAD96703080E73A1F79C3E70FF44DF271spinstall0.aspxMSIL/Webshell.JSWebshell deployed via SharePoint vulnerabilities Network Indicators of Compromise (IoCs) IP ...
5 months ago Cybersecuritynews.com
CVE-2023-43042 - IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.3 products use default passwords for a privileged user. IBM X-Force ID: 266874. ...
2 years ago Tenable.com
CVE-2023-47700 - IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.6 products could allow a remote attacker to spoof a trusted system that would not be correctly validated by the Storwize server. This could lead to a user ...
1 year ago

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)