CVE-2025-36035

6.7 MEDIUM

📋 TL;DR

This vulnerability in IBM PowerVM Hypervisor allows a local privileged user to cause denial of service through specially crafted IBM i hypervisor calls. The attack can disclose memory contents or consume excessive memory resources. Affected systems include IBM PowerVM Hypervisor firmware versions FW950.00 through FW950.E0, FW1050.00 through FW1050.50, and FW1060.00 through FW1060.40.

💻 Affected Systems

Products:
  • IBM PowerVM Hypervisor
Versions: FW950.00 through FW950.E0, FW1050.00 through FW1050.50, FW1060.00 through FW1060.40
Operating Systems: IBM i (formerly OS/400)
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with IBM i partitions using PowerVM hypervisor. Requires local privileged user access.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system unavailability due to memory exhaustion, or disclosure of sensitive memory contents leading to further privilege escalation.

🟠 Likely Case: Local denial of service affecting hypervisor stability and potentially disrupting virtual machines.

🟢 If Mitigated: Minimal impact if proper access controls limit privileged user access to hypervisor functions.

🌐 Internet-Facing: LOW - Requires local privileged access, not directly exploitable from internet.
🏢 Internal Only: MEDIUM - Requires local privileged access, but insider threats or compromised privileged accounts could exploit.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local privileged access and knowledge of IBM i hypervisor calls. No public exploit code available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: FW950.F0, FW1050.60, FW1060.50 or later

Vendor Advisory: https://www.ibm.com/support/pages/node/7244813

Restart Required: No

Instructions:

1. Download the appropriate firmware update from IBM Fix Central.
2. Apply the firmware update using HMC or IVM.
3. Verify the firmware version after the update.

🔧 Temporary Workarounds

Restrict privileged user access

all

Limit the number of users with privileged access to IBM i hypervisor functions.

Monitor hypervisor calls

all

Implement logging and monitoring of IBM i hypervisor calls for suspicious activity.

🧯 If You Can't Patch

  • Implement strict access controls to limit privileged user access to hypervisor functions
  • Monitor system logs for unusual hypervisor call patterns or memory consumption spikes

🔍 How to Verify

Check if Vulnerable:

Check current firmware version using HMC or IVM interface and compare against affected versions.

Check Version:

From HMC: lshwres -r sys -m <system_name> --level sys | grep firmware_level

Verify Fix Applied:

Verify firmware version is FW950.F0, FW1050.60, FW1060.50 or later after applying update.
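
The comparison described above can be scripted across an inventory. This is an added example, not IBM's or this page's own code; it assumes levels are written in the page's FWxxx.yy notation and that the two-character suffix orders as hexadecimal, and the system names are constructed placeholders.

```python
import re

# Affected range and first fixed level per release, as listed on this page:
# release -> (first affected, last affected, first fixed)
RANGES = {
    "950": ("00", "E0", "F0"),
    "1050": ("00", "50", "60"),
    "1060": ("00", "40", "50"),
}
LEVEL_RE = re.compile(r"FW(\d{3,4})\.([0-9A-F]{2})", re.IGNORECASE)


def parse_level(text):
    """Split 'FW950.E0' into ('950', 0xE0); raise ValueError if malformed."""
    match = LEVEL_RE.fullmatch(text.strip())
    if match is None:
        raise ValueError(f"unrecognised firmware level: {text!r}")
    # Assumption: the suffix orders as hexadecimal (E0 comes before F0).
    return match.group(1), int(match.group(2), 16)


def classify(text):
    """Return 'vulnerable', 'fixed' or 'not-listed' for one firmware level."""
    release, suffix = parse_level(text)
    if release not in RANGES:
        return "not-listed"  # release the page says nothing about
    first, last, fixed = (int(v, 16) for v in RANGES[release])
    if first <= suffix <= last:
        return "vulnerable"
    if suffix >= fixed:
        return "fixed"
    return "not-listed"  # between last affected and first fixed


def triage(inventory):
    """Map {system: level} to {system: status}; bad input is 'unparseable'."""
    report = {}
    for system, level in inventory.items():
        try:
            report[system] = classify(level)
        except ValueError:
            report[system] = "unparseable"
    return report


if __name__ == "__main__":
    # Constructed inventory; system names are placeholders.
    sample = {"sys-a": "FW950.E0", "sys-b": "FW1050.60", "sys-c": "n/a"}
    for name, status in triage(sample).items():
        print(f"{name}: {status}")
```

Levels that fall outside the ranges this page lists are reported as not-listed rather than assumed safe, so they can be checked against the vendor advisory.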

📡 Detection & Monitoring

Log Indicators:

  • Unusual patterns of IBM i hypervisor calls
  • Memory consumption spikes in hypervisor
  • System crash or instability logs

Network Indicators:

  • Not network exploitable - local only vulnerability

SIEM Query:

Search for hypervisor call patterns from privileged users or memory exhaustion alerts
