CVE-2025-36183

3.8 LOW

📋 TL;DR

This vulnerability in IBM watsonx.data allows privileged users to upload malicious files that could be executed on the server, potentially modifying limited files or data. It affects IBM watsonx.data Lakehouse installations version 2.2 through 2.2.1. The risk is primarily to organizations using these specific versions of IBM's data platform.

💻 Affected Systems

Products:
  • IBM watsonx.data Lakehouse
Versions: 2.2 through 2.2.1
Operating Systems: Not specified in advisory
Default Config Vulnerable: ⚠️ Yes
Notes: Requires privileged user access; vulnerability exists in default configurations of affected versions.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Privileged user uploads malicious executable that modifies critical system files or data, potentially causing data corruption, service disruption, or unauthorized data access.

🟠 Likely Case

Privileged user with malicious intent or compromised credentials uploads files that modify application data or configuration files within the watsonx.data environment.

🟢 If Mitigated

With proper access controls and file validation, impact is limited to authorized modifications within the user's permitted scope.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires privileged user credentials; file upload and execution mechanisms are standard features.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply fix as described in IBM advisory

Vendor Advisory: https://www.ibm.com/support/pages/node/7260118

Restart Required: Yes

Instructions:

1. Review IBM advisory at provided URL
2. Apply the recommended fix from IBM
3. Restart watsonx.data services
4. Verify the fix is applied

🔧 Temporary Workarounds

Restrict file upload permissions (all platforms)

Limit file upload capabilities to only necessary privileged users and implement strict file type validation.

Implement file validation (all platforms)

Add server-side validation to reject potentially malicious file types and scan uploaded files.

🧯 If You Can't Patch

  • Implement strict access controls to limit privileged user accounts
  • Monitor file upload activities and audit privileged user actions

🔍 How to Verify

Check if Vulnerable:

Check the IBM watsonx.data version; if it is 2.2 through 2.2.1, the system is vulnerable.

Check Version:

Consult IBM watsonx.data documentation for version check command specific to your deployment.

Verify Fix Applied:

Verify that the version has been updated beyond 2.2.1, or confirm that the fix from the IBM advisory has been applied.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file upload patterns by privileged users
  • Execution of unexpected file types

Network Indicators:

  • Large or unusual file uploads to watsonx.data endpoints

SIEM Query:

source="watsonx.data" AND (event_type="file_upload" OR event_type="file_execution") AND user_privilege="high"
