Cyber Resilience

CVE-2025-33015

High

Published: 20 January 2026

Published
20 January 2026
Modified
26 January 2026
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0026 17.2th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2025-33015 is a high-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability in Ibm Concert. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Web Shell (T1505.003); ranked at the 17.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-33015 affects IBM Concert versions 1.0.0 through 2.1.0, where the web interface fails to validate the content of uploaded files, enabling malicious file uploads. This vulnerability, associated with CWE-434 (Unrestricted Upload of File with Dangerous Type), carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact on confidentiality, integrity, and availability.

A remote attacker with no required privileges can exploit this vulnerability over the network with low complexity by tricking a user into uploading a specially crafted malicious file via the web interface. Successful exploitation requires user interaction but can result in high-impact compromise, allowing the attacker to execute arbitrary code, steal data, modify system files, or disrupt services on the affected system.

IBM has published an advisory at https://www.ibm.com/support/pages/node/7257006, which provides details on mitigation steps and available patches for resolving the file validation issue in the web interface. Security practitioners should review this page for version-specific remediation guidance.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

IBM Concert 1.0.0 through 2.1.0 is vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1505.003 Web Shell Persistence
Adversaries may backdoor web servers with web shells to establish persistent access to systems.
Why these techniques?

Unrestricted file upload (CWE-434) on a web interface directly enables deployment of web shells or malicious server components for code execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-64647Same product: Ibm Concert
CVE-2025-1719Same product: Ibm Concert
CVE-2024-52367Same product: Ibm Concert
CVE-2025-1722Same product: Ibm Concert
CVE-2024-49354Same product: Ibm Concert
CVE-2025-33089Same product: Ibm Concert
CVE-2025-13689Same vendor: Ibm
CVE-2024-25034Same vendor: Ibm
CVE-2024-40693Same vendor: Ibm
CVE-2024-39752Same vendor: Ibm

Affected Assets

ibm
concert
1.0.0 — 2.2.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly enforces validation of uploaded file content to block malicious files in the web interface.

prevent

Remediates the specific file validation flaw through timely patching of IBM Concert as advised.

preventdetect

Scans and blocks malicious code in uploaded files, mitigating exploitation even if validation fails.

References