Vulnerability Details CVE-2025-36238
IBM PowerVM Hypervisor FW1110.00 through FW1110.03, FW1060.00 through FW1060.51, and FW950.00 through FW950.F0 could allow a local user with administration privileges to obtain sensitive information from a Virtual TPM through a series of PowerVM service procedures.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.3%
CVSS Severity
CVSS v3 Score 6.0
Products affected by CVE-2025-36238
-
cpe:2.3:o:ibm:powervm_hypervisor:fw1060.00
-
cpe:2.3:o:ibm:powervm_hypervisor:fw1060.10
-
cpe:2.3:o:ibm:powervm_hypervisor:fw1060.12
-
cpe:2.3:o:ibm:powervm_hypervisor:fw1060.20
-
cpe:2.3:o:ibm:powervm_hypervisor:fw1060.21
-
cpe:2.3:o:ibm:powervm_hypervisor:fw1060.40
-
cpe:2.3:o:ibm:powervm_hypervisor:fw1060.41
-
cpe:2.3:o:ibm:powervm_hypervisor:fw1060.50
-
cpe:2.3:o:ibm:powervm_hypervisor:fw1060.51
-
cpe:2.3:o:ibm:powervm_hypervisor:fw1110.00
-
cpe:2.3:o:ibm:powervm_hypervisor:fw1110.01
-
cpe:2.3:o:ibm:powervm_hypervisor:fw1110.03
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.00
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.10
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.11
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.20
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.30
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.40
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.50
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.60
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.70
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.71
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.80
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.90
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.a0
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.b0
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.c0
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.c1
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.c2
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.d0
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.d1
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.e0
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.e1
-
cpe:2.3:o:ibm:powervm_hypervisor:fw950.f0