CVE-2025-36104
📋 TL;DR
This vulnerability in IBM Storage Scale allows authenticated users to access sensitive files through insecure SMB protocol permissions. It affects IBM Storage Scale versions 5.2.3.0 and 5.2.3.1. Attackers with valid credentials can read files they shouldn't have access to.
💻 Affected Systems
- IBM Storage Scale
📦 What is this software?
IBM Storage Scale (formerly GPFS) is a clustered parallel file system. Its Cluster Export Services (CES) protocol nodes export file system data to clients over SMB and NFS; the SMB export path is where this vulnerability applies.
⚠️ Risk & Real-World Impact
Worst Case
Authenticated attackers could access sensitive configuration files, credentials, or proprietary data stored on the Storage Scale system, potentially leading to data breach or further system compromise.
Likely Case
Authenticated users (including low-privilege accounts) accessing files they shouldn't have permission to view, potentially exposing sensitive operational data.
If Mitigated
Minimal impact with proper access controls, network segmentation, and monitoring in place to detect unauthorized file access attempts.
🎯 Exploit Status
Exploitation requires valid user credentials and SMB access to the affected Storage Scale system.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Apply IBM Storage Scale 5.2.3.2 or later
Vendor Advisory: https://www.ibm.com/support/pages/node/7239562
Restart Required: Yes
Instructions:
1. Download IBM Storage Scale 5.2.3.2 or later from IBM Fix Central.
2. Follow the IBM Storage Scale upgrade procedures for your cluster, including the CES protocol nodes that serve SMB.
3. Restart affected services after the upgrade completes.
🔧 Temporary Workarounds
Restrict SMB Access
Limit SMB protocol access to only the users and systems that need it, using firewall rules on the CES protocol nodes that serve SMB together with share-level access controls. Replace trusted_network with the CIDR of the client subnet that is allowed to reach the shares.
# Allow SMB (445/tcp; also 139/tcp if legacy NetBIOS sessions are still enabled) only from trusted clients.
# -I inserts at the top of INPUT so an earlier broad ACCEPT rule cannot shadow the DROP.
iptables -I INPUT 1 -p tcp --dport 445 -j DROP
iptables -I INPUT 1 -p tcp --dport 445 -s trusted_network -j ACCEPT
# Check the resulting rule order before relying on it
iptables -L INPUT -n --line-numbers
Review and Tighten File Permissions
Audit and correct file permissions on sensitive directories so that SMB users cannot read data they are not entitled to. Storage Scale SMB exports also honour NFSv4 ACLs, which POSIX mode bits do not show, so inspect those as well. Test permission changes on a small subset first: tightening modes on a shared tree can break legitimate access.
# List regular files that are readable by group or other
find /path/to/sensitive -type f -perm /g+r,o+r -ls
# Inspect the ACL that Storage Scale applies to a file
mmgetacl /path/to/sensitive/file
# Restrict to owner-only access where appropriate
chmod 600 /path/to/sensitive/files
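A scripted form of this audit, added here as an example and not IBM code or an IBM-documented procedure: it walks a directory tree, reports regular files whose POSIX mode grants read access to group or other (the condition the chmod 600 step above removes), and can restrict them to owner-only. The directory layout and file names are constructed for the demo. Storage Scale SMB exports also carry NFSv4 ACLs (mmgetacl/mmputacl) that mode bits do not reveal, so treat this as a first pass rather than a complete audit.

```python
"""Report and fix files under an SMB-exported tree that are readable by group or other.

Added example, not IBM code. The demo tree is constructed; real paths will differ.
This checks POSIX mode bits only; Storage Scale NFSv4 ACLs are not visible here.
"""
import os
import stat
import tempfile
from typing import Iterable, List, Tuple

# Bits that let anyone other than the owner read the file.
GROUP_OR_OTHER_READ = stat.S_IRGRP | stat.S_IROTH


def overly_readable_files(root: str) -> List[Tuple[str, str]]:
    """Return (path relative to root, symbolic mode) for regular files readable by group or other."""
    findings: List[Tuple[str, str]] = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: do not follow symlinks out of the tree
            if not stat.S_ISREG(st.st_mode):
                continue
            if st.st_mode & GROUP_OR_OTHER_READ:
                findings.append((os.path.relpath(path, root), stat.filemode(st.st_mode)))
    return sorted(findings)


def restrict_to_owner(root: str, rel_paths: Iterable[str], dry_run: bool = True) -> List[str]:
    """Set owner read/write only (the chmod 600 equivalent) on each path; return what was (or would be) changed."""
    changed: List[str] = []
    for rel in rel_paths:
        path = os.path.join(root, rel)
        if not dry_run:
            os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
        changed.append(rel)
    return changed


def build_demo_tree() -> str:
    """Constructed sample tree for the demo (hypothetical layout, not a real Storage Scale path)."""
    root = tempfile.mkdtemp(prefix="smb_audit_demo_")
    sub = os.path.join(root, "finance")
    os.mkdir(sub)
    for name, mode in (("payroll.csv", 0o644), ("private.key", 0o600), ("notes.txt", 0o640)):
        p = os.path.join(sub, name)
        with open(p, "w") as fh:
            fh.write("constructed sample data\n")
        os.chmod(p, mode)
    return root


if __name__ == "__main__":
    demo_root = build_demo_tree()
    hits = overly_readable_files(demo_root)
    for rel, mode in hits:
        print(f"{mode}  {rel}")
    # Dry run first; pass dry_run=False once the list has been reviewed.
    print("would restrict:", restrict_to_owner(demo_root, [rel for rel, _ in hits]))
```

Run it with dry_run left at its default to get a reviewable list before changing anything; only files whose mode actually grants group or other read are touched.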
🧯 If You Can't Patch
- Implement strict access controls and monitoring for SMB file access
- Segment Storage Scale systems from general user networks
🔍 How to Verify
Check if Vulnerable:
Run on a cluster node, and repeat on every node (or at least every CES protocol node that serves SMB), since nodes can run different levels during a rolling upgrade:
mmfsadm dump version | grep 'Release'
mmdiag --version also reports the installed build. If the reported version is 5.2.3.0 or 5.2.3.1, the node is affected.
Verify Fix Applied:
Re-run the same command after upgrading and confirm the version is 5.2.3.2 or later on every node.
📡 Detection & Monitoring
Log Indicators:
- Unusual SMB file access patterns
- Multiple failed SMB authentication attempts followed by successful access
- Access to sensitive files from unexpected user accounts
Network Indicators:
- SMB traffic to Storage Scale systems from unexpected sources
- Unusual file enumeration patterns over SMB
SIEM Query (pseudo-query; the field names are placeholders to map onto the fields your SMB or Storage Scale audit source actually emits):
source="storage_scale_logs" AND (
  (event="file_access" AND user NOT IN authorized_users)
  OR (protocol="SMB" AND file_path CONTAINS sensitive_patterns)
)
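The two log indicators above (access to sensitive paths by users outside an allowlist, and a run of failed SMB authentications followed by a success) as detection logic run over sample log lines. This is an added example, not IBM code: the pipe-delimited line layout, the sample events, the share and path names and the allowlist are all constructed for the demo and do not describe any real Storage Scale or Samba log format. Adapt parse_line to your actual audit source.

```python
"""Detection sketch for the SMB log indicators listed above.

Added example, not IBM code or an IBM-documented log format. Each constructed
line is: timestamp|event|user|client_ip|share|path|result. Map these fields
onto whatever your SMB / Storage Scale audit source actually emits.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, Iterable, List, Set, Tuple

# Constructed sample log lines (hypothetical users, shares and paths).
SAMPLE_LOG = """\
2025-06-01T10:00:01Z|auth|alice|10.0.5.12|finance|-|ok
2025-06-01T10:00:02Z|open|alice|10.0.5.12|finance|/gpfs/fs1/finance/q2.xlsx|ok
2025-06-01T10:01:10Z|auth|bob|10.0.9.77|finance|-|fail
2025-06-01T10:01:12Z|auth|bob|10.0.9.77|finance|-|fail
2025-06-01T10:01:15Z|auth|bob|10.0.9.77|finance|-|fail
2025-06-01T10:01:20Z|auth|bob|10.0.9.77|finance|-|ok
2025-06-01T10:01:25Z|open|bob|10.0.9.77|finance|/gpfs/fs1/finance/payroll.csv|ok
2025-06-01T10:02:00Z|open|carol|10.0.5.30|public|/gpfs/fs1/public/readme.txt|ok
"""

# Constructed policy: which users may open files under each sensitive path prefix.
SENSITIVE_PREFIXES: Dict[str, Set[str]] = {
    "/gpfs/fs1/finance/": {"alice"},
}
FAILED_AUTH_THRESHOLD = 3


@dataclass(frozen=True)
class Event:
    ts: str
    event: str
    user: str
    client_ip: str
    share: str
    path: str
    result: str


def parse_line(line: str) -> Event:
    parts = line.strip().split("|")
    if len(parts) != 7:
        raise ValueError(f"unexpected field count in log line: {line!r}")
    return Event(*parts)


def parse_log(text: str) -> List[Event]:
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def unauthorized_sensitive_access(events: Iterable[Event]) -> List[str]:
    """Indicator: successful open under a sensitive prefix by a user not on that prefix's allowlist."""
    findings: List[str] = []
    for e in events:
        if e.event != "open" or e.result != "ok":
            continue
        for prefix, allowed in SENSITIVE_PREFIXES.items():
            if e.path.startswith(prefix) and e.user not in allowed:
                findings.append(f"{e.ts} {e.user}@{e.client_ip} opened {e.path} (not allowed under {prefix})")
    return findings


def failed_then_success(events: Iterable[Event], threshold: int = FAILED_AUTH_THRESHOLD) -> List[str]:
    """Indicator: at least `threshold` consecutive failed auths from one user/IP, then a success."""
    streak: Dict[Tuple[str, str], int] = defaultdict(int)
    findings: List[str] = []
    for e in events:
        if e.event != "auth":
            continue
        key = (e.user, e.client_ip)
        if e.result == "fail":
            streak[key] += 1
        elif e.result == "ok":
            if streak[key] >= threshold:
                findings.append(f"{e.ts} {e.user}@{e.client_ip} authenticated after {streak[key]} failures")
            streak[key] = 0  # a success ends the streak either way
    return findings


def run_detections(text: str = SAMPLE_LOG) -> Dict[str, List[str]]:
    events = parse_log(text)
    return {
        "unauthorized_sensitive_access": unauthorized_sensitive_access(events),
        "failed_then_success": failed_then_success(events),
    }


if __name__ == "__main__":
    for name, hits in run_detections().items():
        print(name)
        for hit in hits:
            print("  ", hit)
```

On the sample data this flags bob twice: once for opening payroll.csv without being on the finance allowlist, and once for authenticating after three failures. Feed real events through parse_line in order, since the failed-then-success check depends on sequence.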