CVE-2025-13375
Published: 04 February 2026
Summary
CVE-2025-13375 is a critical-severity Execution with Unnecessary Privileges (CWE-250) vulnerability in IBM (inferred from references). Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 20.4th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5) [AI]
Directly remediates the CVE-2025-13375 vulnerability in IBM CCA by applying vendor patches, preventing unauthenticated remote code execution with elevated privileges.
Enforces least privilege to counter CWE-250 unnecessary privileges, limiting the impact of arbitrary command execution even if the flaw is exploited.
Mandates enforcement of access controls to block unauthenticated users from gaining elevated privileges via the vulnerable CCA service.
MITRE ATT&CK Enterprise Techniques [AI]
Why these techniques?
Remote, unauthenticated arbitrary command execution with elevated privileges maps to exploitation of a public-facing application and to privilege escalation via the described flaw.
NVD Description
IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system.
Deeper analysis [AI]
CVE-2025-13375 is a critical-severity vulnerability in IBM Common Cryptographic Architecture (CCA) versions 7.5.52 and 8.4.82. It enables an unauthenticated user to execute arbitrary commands with elevated privileges on the affected system, stemming from CWE-250 (Execution with Unnecessary Privileges). The vulnerability received a CVSS v3.1 base score of 9.8, reflecting its critical impact (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). It was published on 2026-02-04.
An unauthenticated attacker with network access can exploit this vulnerability due to its low attack complexity and lack of required privileges or user interaction. Successful exploitation allows the attacker to gain elevated privileges on the system, potentially achieving full remote code execution with high impacts on confidentiality, integrity, and availability.
IBM has issued an advisory with details on mitigation and patches at https://www.ibm.com/support/pages/node/7259625. Security practitioners should consult this reference for specific remediation steps applicable to affected CCA installations.
Details
- CWE(s)