CVE-2025-36250 PoC: IBM AIX and IBM VIOS Security Vulnerability

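Source
Related vulnerability
Title: IBM AIX and IBM VIOS Security Vulnerability (CVE-2025-36250)
Description: IBM AIX and IBM VIOS are both products of International Business Machines (IBM) of the United States. IBM AIX is an open-standards-based UNIX operating system developed for the IBM Power architecture. IBM VIOS is part of the PowerVM® Editions hardware feature and helps share physical I/O resources among the client logical partitions within a server. IBM AIX versions 7.2 and 7.3 and IBM VIOS versions 3.1 and 4.1 contain a security vulnerability that stems from improper process control in the NIM server and may allow a remote attacker to execute arbitrary commands.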
Description
CVE-2025-36250
Introduction
# 🚨 Critical Vulnerability Alert: CVE-2025-36250 Explained

![IBM AIX Vulnerability](https://github.com/user-attachments/assets/df7c0e8f-9312-4ee0-83a4-75618dcbc3de)

| Category                  | Details                                                                                          | Emoji Status      |
|---------------------------|--------------------------------------------------------------------------------------------------|-------------------|
| **CVE ID**                | CVE-2025-36250                                                                                   | 🆔                |
| **Severity**              | **CRITICAL** – CVSS 10.0 (perfect score)                                                         | 🔥🔥🔥           |
| **Published**             | November 13, 2025                                                                                | 📅                |
| **Type**                  | Remote Code Execution (RCE) via improper process controls                                        | 💀                |
| **Authentication**        | None required                                                                                    | 🚫🔐             |
| **Attack Complexity**     | Low                                                                                              | 😈                |
| **Exploit Status**        | No public PoC yet (as of Nov 17, 2025), but weaponization expected soon                           | ⏳                |

### What’s Vulnerable? 🎯
- IBM AIX 7.2 & 7.3 (specific TLs/SPs)
- IBM VIOS 3.1 & 4.1
- Service: **nimesis** (NIM master daemon) → often runs as root!

### CVSS v3.1 Vector (the scary one) 😱
```
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H → 10.0
```
Translation: “Internet stranger can own your AIX box with one packet”

### Exposed on the Internet? 🌐
- ~7.4 million AIX systems detectable (ZoomEye)
- ~8,600 active NIM services visible yearly (Hunter.io) → many unpatched!

### Patch Status (IBM dropped fixes FAST) 🛠️
- Interim fixes released Nov 12–13, 2025
- Download: https://aix.software.ibm.com/aix/efixes/security/nim_fix2.tar
- Key APARs: IJ55968, IJ56113, IJ56230, IJ55897
- Just run `emgr` or `installp` → reboot → you’re safe ✅

### Quick Workarounds (if you can’t patch today) ⚡
- Firewall NIM ports (default 1058/tcp) 🚧
- Enable TLS secure mode: `nimconfig -c` 🔒
- Disable NIM entirely if unused: `smitty nim` → stop master

### Detection Tips 🔍
- Check logs: `/var/adm/ras/nimesis.log`
- Verify fileset: `lslpp -L bos.sysmgt.nim.master`
- Scan with Nessus/Tenable → plugin ready!

### Social Buzz on X (Nov 13–17) 🐦
- “CVSS 10 RCE on AIX? Wake up, mainframe admins!” – @HunterMapping
- “7.4M exposed AIX boxes… someone’s getting owned this weekend” – @zoomeye_team
- “Chain it with key theft (CVE-2025-36096) → game over” – @PurpleOps_io

### Bottom Line 📢
If you run AIX or VIOS with NIM enabled → **patch TODAY**.  
This is the kind of 0-day that script kiddies dream about. Don’t be the headline.

Stay safe out there! 🛡️💙
File snapshot

```
[4.0K] /data/pocs/5f62b16f94b14fa99d98e36dbfc04431b60ee6f6
└── [3.1K] README.md

1 directory, 1 file
```