What is CVE-2025-36035?

CVE-2025-36035 is a medium-severity vulnerability in Ibm Powervm Hypervisor, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 6.7/10. Published 2025-09-14.

How severe is CVE-2025-36035?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Resource exhaustion in Ibm Powervm Hypervisor

CVE-2025-36035

IBM PowerVM Hypervisor FW950.00 through FW950.E0, FW1050.00 through FW1050.50, and FW1060.00 through FW1060.40 could allow a local privileged user to cause a denial of service by issuing a specially crafted IBM i hypervisor call that would…

EPSS: 0.000 (2.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:H.

Affected products

Ibm Powervm Hypervisor — versions FW950.00, FW1050.00, FW1060.00

Weakness classification (CWE)

CWE-770 — Allocation of Resources Without Limits or Throttling

References

www.ibm.com/support/pages/node/7244813 (vendor-advisory, patch)

Frequently asked questions

What is CVE-2025-36035?: CVE-2025-36035 is a medium-severity vulnerability in Ibm Powervm Hypervisor, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 6.7/10. Published 2025-09-14.
How severe is CVE-2025-36035?: Medium severity. CVSS v3 base score is 6.7 out of 10.