ByteOS Network

CVE Vulnerability Details :

CVE-2025-1994

PUBLISHED

More Info Official Page

Assigner-ibm

Assigner Org ID-9a959283-ebb5-44b6-b705-dcc2bbced522

Published At-26 Aug, 2025 | 16:49

Updated At-26 Aug, 2025 | 17:35

▼CVE Numbering Authority (CNA)

IBM Cognos Command Center code execution

IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the BinaryFormatter function.

Affected Products

Vendor

IBM Corporation

Product

Cognos Command Center

CPEs

cpe:2.3:a:ibm:cognos_command_center:10.2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_command_center:10.2.5:*:*:*:*:*:*:*

Default Status

unaffected

Versions

Affected

10.2.4.1
10.2.5

Problem Types

Type	CWE ID	Description
CWE	CWE-242	CWE-242 Use of Inherently Dangerous Function

Metrics

Version	Base score	Base severity	Vector
3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Solutions

IBM strongly recommends addressing the vulnerability now by upgrading. Affected Product(s)VersionFixIBM Cognos Command Center10.2.5 IBM Cognos Command Center 10.2.5 FP1 IF1 available for download from Fix Central https://www.ibm.com/support/pages/node/7239167 IBM Cognos Command Center10.2.4.1 IBM Cognos Command Center 10.2.5 FP1 IF1 available for download from Fix Central https://www.ibm.com/support/pages/node/7239167

References

Hyperlink	Resource
https://www.ibm.com/support/pages/node/7242159	vendor-advisory patch

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References