CVE-2025-14031
Published: 17 March 2026
Summary
CVE-2025-14031 is a high-severity Command Injection (CWE-77) vulnerability in IBM Sterling B2B Integrator. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The vulnerability ranks at the 27.9th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5) [AI]
- Timely remediation of the command injection vulnerability by applying the patches provided in IBM's security advisory, eliminating the root cause of the application crash.
- SI-10 (Information Input Validation): validation of information inputs to prevent specially crafted requests from triggering command injection and the subsequent application crash.
- SC-5 (Denial-of-Service Protection): denial-of-service protections at system entry points to block or rate-limit unauthenticated crafted requests that cause availability disruptions.
MITRE ATT&CK Enterprise Techniques [AI]
Why these techniques?
Remote, unauthenticated command injection against a public-facing application maps directly to Exploit Public-Facing Application (T1190), and the resulting application crash is a denial of service mapped to Endpoint Denial of Service (T1499).
NVD Description
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through 6.2.1.1_1, and 6.2.2.0 could allow an unauthenticated attacker to send a specially crafted request that causes the application to crash.
Deeper analysis [AI]
CVE-2025-14031 affects IBM Sterling B2B Integrator and IBM Sterling File Gateway in versions 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through 6.2.1.1_1, and 6.2.2.0. The vulnerability enables an unauthenticated attacker to send a specially crafted request that causes the application to crash. It is classified under CWE-77 (Command Injection); the secondary NVD-CWE-noinfo entry indicates that NVD provides no further weakness detail. It carries a CVSS v3.1 base score of 7.5, reflecting network attack vector, low attack complexity, no privileges or user interaction required, unchanged scope, high availability impact, and no confidentiality or integrity impact.
Any unauthenticated attacker with network access to the vulnerable application can exploit this issue remotely. Exploitation consists of sending a malicious request that triggers the crash, producing a denial-of-service condition in which the application becomes unavailable. Because no authentication, privileges, or user involvement is required, a remote adversary can repeatedly disrupt the service until the fix is applied.
IBM provides mitigation guidance and patch information in its security advisory at https://www.ibm.com/support/pages/node/7266520. Security practitioners should review this reference for version-specific fixes and apply them promptly to affected installations.
Details
- CWE(s): CWE-77 (Command Injection)