Threat Advisory

Critical IBM CCA Vulnerability Leads to Gaining Unauthorized Privileged Commands

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: Critical


EXECUTIVE SUMMARY:

A critical vulnerability, CVE-2025-13375, has been uncovered in IBM Common Cryptographic Architecture (CCA), a key component interfacing with IBM Hardware Security Modules (HSMs). Because the affected component executes with unnecessary privileges, an unauthenticated attacker can execute arbitrary commands with elevated privileges over the network, posing a severe risk to the confidentiality, integrity, and availability of cryptographic operations and sensitive keys across affected environments. The flaw impacts specific versions of CCA and the Developers Toolkit running on platforms such as IBM AIX, IBM i, IBM PowerLinux, and Linux on Intel x86. Organizations using these security modules are strongly advised to apply the available firmware and software updates immediately to mitigate potential full compromise or disruption of services. The vulnerability has a CVSS score of 9.8.

RECOMMENDATION:

We strongly recommend updating IBM Common Cryptographic Architecture using the link below:

REFERENCES:

The following reports contain further technical details:

https://securityonline.info/cve-2025-13375-critical-ibm-crypto-flaw-cvss-9-8-exposes-hsms/