
CVE-2025-33004: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in IBM Planning Analytics Local

Severity: Medium
Published: Sun Jun 01 2025 (06/01/2025, 11:37:51 UTC)
Source: CVE Database V5
Vendor/Project: IBM
Product: Planning Analytics Local

Description

IBM Planning Analytics Local 2.0 and 2.1 could allow a privileged user to delete files from directories due to improper pathname restriction.

AI-Powered Analysis

Last updated: 07/09/2025, 00:57:12 UTC

Technical Analysis

CVE-2025-33004 is a path traversal vulnerability (CWE-22, improper limitation of a pathname to a restricted directory) in IBM Planning Analytics Local 2.0 and 2.1. The affected file-deletion function does not confine a caller-supplied pathname to its intended directory, so a user who already holds elevated privileges in the application can supply a path that resolves outside that directory and have the product delete files there. Exploitation needs no user interaction but does need a privileged account, which limits the realistic attacker population to existing administrators and to anyone who has compromised such an account. The CVSS v3.1 base score is 6.5 (medium); the vector is CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H, that is, network attack vector, low attack complexity, high privileges required, no user interaction, unchanged scope, no confidentiality impact, and high integrity and availability impact. In practice the damage is bounded by the permissions of the account the Planning Analytics service runs as: a service account that can only write its own data directories limits what a traversal can reach, while one running with broad local rights does not. No exploitation in the wild had been reported and no patch was linked at the time of publication; check IBM's security bulletin for this CVE for the current fix status. The vulnerability is of particular concern where Planning Analytics Local underpins critical business planning, because deleting configuration or data files can disrupt operations or cause data loss.
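The CWE-22 pattern described above, shown as a minimal file-deletion handler in Python. This is an added illustration written for this page, not IBM Planning Analytics code; the advisory does not describe the product's real endpoint, so the `exports` base directory, the handler names and the sample files are hypothetical. The naive handler joins a caller-supplied relative path onto the base directory and unlinks the result; the hardened one canonicalises the path (resolving `..` and symlinks) and refuses anything that does not stay inside the base directory, which is the check a reviewer should look for in any delete, read or write endpoint that takes a path from the caller.

```python
"""CWE-22 in a file-deletion handler: naive join vs canonicalise-and-contain.

Example code written for this page, not IBM Planning Analytics code. The
'exports' base directory, the handler names and the sample files are
hypothetical; the advisory does not describe the product's real endpoint.
"""
import os
import shutil
import tempfile
from pathlib import Path
from typing import Dict, Optional


def delete_export_vulnerable(base_dir: str, user_path: str) -> bool:
    """Naive handler: joins the caller-supplied relative path onto base_dir
    and trusts the result. '../' segments (or an absolute path, which makes
    os.path.join discard base_dir entirely) reach files outside base_dir.
    Returns True if a file was removed."""
    target = os.path.join(base_dir, user_path)
    if os.path.isfile(target):
        os.remove(target)
        return True
    return False


def resolve_within(base_dir: str, user_path: str) -> Optional[Path]:
    """Canonicalise base_dir/user_path (resolving '..', symlinks and repeated
    separators) and return it only if it still lies inside base_dir.
    Absolute user paths are rejected before joining."""
    base = Path(base_dir).resolve()
    if os.path.isabs(user_path):
        return None
    candidate = (base / user_path).resolve()
    try:
        candidate.relative_to(base)   # raises ValueError if it escaped base
    except ValueError:
        return None
    return candidate


def delete_export_hardened(base_dir: str, user_path: str) -> bool:
    """Same operation with the containment check applied before unlink."""
    target = resolve_within(base_dir, user_path)
    if target is None or not target.is_file():
        return False
    target.unlink()
    return True


def demo() -> Dict[str, bool]:
    """Constructed scenario: an exports/ directory plus a sibling config file
    that the endpoint must never be able to delete. Returns the outcome of
    each attempt so the behaviour can be checked programmatically."""
    root = tempfile.mkdtemp()
    try:
        exports = os.path.join(root, "exports")
        os.makedirs(exports)
        inside = os.path.join(exports, "report.csv")
        outside = os.path.join(root, "server.cfg")   # hypothetical config file
        for p in (inside, outside):
            with open(p, "w") as fh:
                fh.write("constructed sample\n")

        results: Dict[str, bool] = {}
        # Vulnerable handler: '../' walks out of exports/ and removes server.cfg
        results["vulnerable_escape"] = delete_export_vulnerable(exports, "../server.cfg")
        results["outside_survives_vulnerable"] = os.path.exists(outside)

        # Restore the file, then try the same inputs against the hardened handler
        with open(outside, "w") as fh:
            fh.write("constructed sample\n")
        results["hardened_escape"] = delete_export_hardened(exports, "../server.cfg")
        results["hardened_absolute"] = delete_export_hardened(exports, outside)
        results["hardened_legit"] = delete_export_hardened(exports, "report.csv")
        results["outside_survives_hardened"] = os.path.exists(outside)
        return results
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The containment check is done on the fully resolved path rather than on the raw string: a substring test for `../` misses absolute paths, mixed separators, percent-encoded input and symlinks planted inside the base directory, all of which `Path.resolve()` collapses before the `relative_to` comparison.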

Potential Impact

For European organizations running IBM Planning Analytics Local 2.0 or 2.1, the risk is to the integrity and availability of the analytics environment rather than to confidentiality. A privileged user who deletes files outside the intended directory can remove configuration files, data files or system components, taking the service down and interrupting the financial planning, forecasting and decision-making processes that depend on it. Because the flaw requires privileged access, the realistic threat actors are malicious insiders and attackers who have already compromised an administrative account; for them the flaw turns application-level privilege into file deletion on the host beyond what the application was meant to allow. Given how widely Planning Analytics is used in European finance, manufacturing and public-sector organizations, the operational impact can be substantial, especially where backups or recovery procedures are untested. The medium severity rating means the issue is not an emergency, but it should be remediated promptly in sensitive environments.

Mitigation Recommendations

European organizations should implement the following mitigations:
1) Restrict privileged Planning Analytics access to trusted administrators and enforce least privilege, so that as few accounts as possible can reach the affected function.
2) Log and audit privileged user activity, and alert on file-deletion requests whose path parameter contains traversal sequences (including URL-encoded forms) or resolves outside the expected directory.
3) Maintain tested backup and recovery procedures for the Planning Analytics Local environment so deleted files can be restored quickly.
4) Apply IBM's fix as soon as it is released. Until then, run the service under a dedicated account whose write and delete rights are limited to the application's own data and configuration directories, so that a traversal outside them fails at the operating-system level regardless of the application-level privilege.
5) Enable file integrity monitoring or OS-level audit rules (for example auditd rules on the unlink/unlinkat and rename syscalls on Linux, or object access auditing on Windows) for directories the service should never modify, so unexpected deletions are detected.
6) Train administrators on path traversal risks and secure file-handling practices.
7) Where possible, place Planning Analytics Local instances in a segmented network zone to limit the reach of a compromised privileged account.
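A detection helper for item 2, as an added example that is not from the page or from IBM: it scans audit-style log lines for path parameters that contain a traversal segment after percent-decoding, so that encoded and double-encoded forms are caught as well as literal `../`, while a directory literally named `...` is not flagged. The log format and the sample lines are constructed for this illustration and do not reflect any real Planning Analytics log.

```python
"""Flag file-operation log entries whose path parameter contains traversal.

Example code written for this page. The log format, user names and paths
below are constructed and do not reflect a real IBM Planning Analytics log.
"""
import re
from typing import Dict, List
from urllib.parse import unquote

# Constructed sample: <timestamp> user=<u> op=<op> path=<p> status=<s>
SAMPLE_LOG = """\
2025-06-02T09:14:03Z user=admin op=DELETE path=exports/q1_report.csv status=200
2025-06-02T09:14:41Z user=admin op=DELETE path=../../config/server.cfg status=200
2025-06-02T09:15:10Z user=svc_etl op=DELETE path=%2e%2e%2f%2e%2e%2fdata%2fcube.bin status=200
2025-06-02T09:15:52Z user=analyst op=READ path=exports/..%252f..%252fsecrets status=403
2025-06-02T09:16:30Z user=admin op=DELETE path=exports/old/.../notes.txt status=404
"""

LINE_RE = re.compile(r"user=(?P<user>\S+) op=(?P<op>\S+) path=(?P<path>\S+) status=(?P<status>\d+)")
# A '..' that is a whole path segment: start-or-slash, two dots, slash-or-end.
TRAVERSAL_SEGMENT = re.compile(r"(^|/)\.\.(/|$)")


def decode_fully(value: str, max_rounds: int = 3) -> str:
    """Percent-decode until the value stops changing, so that double-encoded
    input (%252f -> %2f -> /) is normalised. Bounded to avoid pathological
    input that decodes indefinitely."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_traversal(path: str) -> bool:
    """True if the decoded path contains a '..' segment (either separator)."""
    decoded = decode_fully(path).replace("\\", "/")
    return TRAVERSAL_SEGMENT.search(decoded) is not None


def find_traversal_attempts(log_text: str) -> List[Dict[str, object]]:
    """Parse each log line and return the entries whose path looks like a
    traversal attempt, regardless of whether the request succeeded (a 403 or
    404 is still a probe worth investigating)."""
    hits: List[Dict[str, object]] = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        if is_traversal(m["path"]):
            hits.append({
                "user": m["user"],
                "op": m["op"],
                "path": m["path"],
                "status": int(m["status"]),
            })
    return hits


if __name__ == "__main__":
    for hit in find_traversal_attempts(SAMPLE_LOG):
        print(hit)
```

Alerting on the normalised path rather than on the raw string is the point: the second and third sample lines describe the same request to a path-checking function, but only one of them contains the bytes `../`. Successful requests from administrators (status 200) deserve the highest priority, since with this CVE that is exactly the account class able to exploit it.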


Technical Details

Data Version: 5.1
Assigner Short Name: ibm
Date Reserved: 2025-04-15T09:48:49.853Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 683c4b86182aa0cae212f9b3

Added to database: 6/1/2025, 12:45:58 PM

Last enriched: 7/9/2025, 12:57:12 AM

Last updated: 8/12/2025, 8:44:03 PM

