
CVE-2025-0975: CWE-150 Improper Neutralization of Escape, Meta, or Control Sequences in IBM MQ

High
Vulnerability, CVE-2025-0975
Tags: cve, cve-2025-0975, cwe-150
Published: Fri Feb 28 2025 (02/28/2025, 02:20:36 UTC)
Source: CVE Database V5
Vendor/Project: IBM
Product: MQ

Description

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an authenticated user to execute code due to improper neutralization of escape characters.

AI-Powered Analysis

Last updated: 02/26/2026, 19:45:22 UTC

Technical Analysis

CVE-2025-0975 is a vulnerability classified under CWE-150, which involves improper neutralization of escape, meta, or control sequences within the IBM MQ console interface. IBM MQ versions 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD are affected. The flaw allows an authenticated user to inject and execute arbitrary code by exploiting insufficient sanitization of escape characters in the console input. This improper neutralization can lead to command injection or code execution, compromising the system running IBM MQ. The vulnerability has a CVSS 3.1 base score of 8.8, indicating high severity, with attack vector being network-based, low attack complexity, requiring privileges but no user interaction, and impacting confidentiality, integrity, and availability. IBM MQ is widely used in enterprise environments for reliable messaging and transaction processing, making this vulnerability particularly critical. Although no public exploits have been reported yet, the ease of exploitation and potential impact necessitate urgent attention. The vulnerability was publicly disclosed on February 28, 2025, with no patches listed at the time, emphasizing the need for immediate risk mitigation.

Potential Impact

The impact of CVE-2025-0975 is substantial for organizations worldwide that rely on IBM MQ for messaging and transaction processing. Successful exploitation can lead to arbitrary code execution on the IBM MQ server, potentially allowing attackers to gain unauthorized access, manipulate or exfiltrate sensitive data, disrupt messaging services, and compromise the integrity and availability of critical business processes. This could result in operational downtime, financial losses, regulatory non-compliance, and reputational damage. Given IBM MQ's role in sectors such as banking, government, healthcare, and manufacturing, the vulnerability poses a risk to critical infrastructure and sensitive information. The requirement for authentication limits exposure to some extent, but insider threats or compromised credentials could be leveraged by attackers. The lack of known exploits currently provides a window for proactive defense, but the high severity score indicates that exploitation could have severe consequences.

Mitigation Recommendations

To mitigate CVE-2025-0975, organizations should immediately restrict access to the IBM MQ console to only trusted and necessary personnel, enforcing strict authentication and authorization controls. Network segmentation and firewall rules should limit console access to secure management networks. Monitoring and logging of console activities should be enhanced to detect unusual or unauthorized commands indicative of exploitation attempts. Until official patches are released by IBM, consider applying temporary workarounds such as disabling or limiting features that process escape sequences in console inputs if feasible. Regularly update and rotate credentials to reduce the risk of compromised accounts. Conduct thorough security assessments and penetration tests focused on IBM MQ environments to identify potential exploitation paths. Once IBM releases patches or updates, prioritize their deployment in all affected environments. Additionally, educate administrators about the risks of this vulnerability and the importance of secure console usage practices.


Technical Details

Data Version: 5.2
Assigner Short Name: ibm
Date Reserved: 2025-02-02T15:02:19.946Z
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 69a0a1b985912abc71d0a0f1

Added to database: 2/26/2026, 7:40:41 PM

Last enriched: 2/26/2026, 7:45:22 PM

Last updated: 2/26/2026, 11:15:02 PM
