Cyber Resilience

CVE-2024-25034

High

Published: 24 January 2025

Published
24 January 2025
Modified
05 March 2025
KEV Added
Patch
CVSS Score v3.1 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0012 30.2th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-25034 is a high-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability in Ibm Planning Analytics. Its CVSS base score is 8.0 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 30.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-9 (Information Input Restrictions).

Deeper analysis

CVE-2024-25034 affects IBM Planning Analytics 2.0 and 2.1, specifically in the File Manager T1 process, where insufficient validation of uploaded file types enables malicious file uploads. This vulnerability, classified under CWE-434 (Unrestricted Upload of File with Dangerous Type), carries a CVSS v3.1 base score of 8.0 (AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) and was published on 2025-01-24.

Attackers with low-privileged access (PR:L) can exploit this remotely over the network (AV:N) with low complexity (AC:L), though it requires user interaction (UI:R). Exploitation allows uploading malicious executable files to the system, which can then be sent to victims to enable further attacks, achieving high impacts on confidentiality, integrity, and availability.

IBM's security advisory provides details on the vulnerability and mitigation, available at https://www.ibm.com/support/pages/node/7168387.

EU & UK References

Vulnerability details

IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the type of file in the File Manager T1 process. Attackers can make use of this weakness and upload malicious executable files into the…

more

system that can be sent to victims for performing further attacks.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1608.001 Upload Malware Resource Development
Adversaries may upload malware to third-party or adversary controlled infrastructure to make it accessible during targeting.
Why these techniques?

Unrestricted file upload (CWE-434) in public-facing IBM Planning Analytics directly enables exploitation of the application for malicious file ingress and malware staging.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-40693Same product: Ibm Planning Analytics
CVE-2024-39752Same vendor: Ibm
CVE-2025-13689Same vendor: Ibm
CVE-2025-33015Same vendor: Ibm
CVE-2023-49886Same vendor: Ibm
CVE-2024-39750Same vendor: Ibm
CVE-2026-9170Same vendor: Ibm
CVE-2026-8175Same vendor: Ibm
CVE-2026-7876Same vendor: Ibm
CVE-2024-22348Same vendor: Ibm

Affected Assets

ibm
planning analytics
2.0, 2.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires validation of information inputs like uploaded files to ensure only safe file types are accepted in the File Manager T1 process, addressing the lack of type validation.

prevent

Enforces restrictions on system information inputs to block unauthorized file types such as malicious executables during uploads.

preventdetect

Implements malicious code protection to scan and prevent execution or propagation of uploaded dangerous files even if initial validation is bypassed.

References