CVE-2025-33136

Summary

IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another user due to improper protection of assumed immutable data.

Affected Software

VendorProductVersion RangeStatus
IBMAspera Faspex5.0.0 <= 5.0.12affected

Weaknesses

  • CWE-471: CWE-471 Modification of Assumed-Immutable Data (MAID)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References