Critical Vulnerability Information Vulnerability Overview Product: IBM TX Advanced Vulnerability Type: Out-of-bounds Write and Use of Inherently Dangerous Function Cause: Resulting from improper usage of certain C library functions Vulnerability Details CVE-2025-1329 - Description: Due to improper handling of DNS response failures by the function, this may allow a local user to execute arbitrary code on the system. - CVSS Score: 7.8 - CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVE-2025-1330 - Description: Same as CVE-2025-1329, involving issues with the function. - CVSS Score: 7.8 - CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVE-2025-1331 - Description: Due to unsafe usage of the function, this may allow a local user to execute arbitrary code on the system. - CVSS Score: 7.8 - CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) Affected Products and Versions IBM CICS TX Advanced: Versions 10.1, 11.1 Remediation Recommendation: Immediately download and apply the following fixes: - IBM CICS TX Advanced 10.1: For Linux platforms, download and apply the fix from Fix Central. - IBM CICS TX Advanced 11.1: For Linux platforms, download and apply the fix from Fix Central. Additional Information Release Date: May 8, 2025