CVE-2025-36001: CWE-674 Uncontrolled Recursion in IBM Db2 for Linux, UNIX and Windows
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service using a specially crafted SQL statement including XML that performs uncontrolled recursion.
AI Analysis
Technical Summary
CVE-2025-36001 is a vulnerability classified under CWE-674 (Uncontrolled Recursion) affecting IBM Db2 for Linux, UNIX, and Windows, including Db2 Connect Server, specifically versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3. The flaw arises when an authenticated user submits a specially crafted SQL statement that includes XML content designed to trigger uncontrolled recursion within the database engine's processing logic. This uncontrolled recursion can exhaust system resources, leading to a denial of service condition where the database service becomes unresponsive or crashes. The vulnerability requires the attacker to have authenticated access to the database, but no additional user interaction is necessary once authenticated. The CVSS v3.1 score of 6.5 reflects a medium severity, with network attack vector, low attack complexity, and no impact on confidentiality or integrity, but a high impact on availability. No public exploits have been reported, and no patches have been officially released at the time of this analysis. This vulnerability could be exploited by malicious insiders or compromised accounts to disrupt database availability, impacting business operations dependent on IBM Db2.
Potential Impact
For European organizations, the primary impact is a denial of service on critical database infrastructure, potentially disrupting business-critical applications and services that rely on IBM Db2. This can lead to operational downtime, loss of productivity, and potential financial losses. Industries such as finance, telecommunications, manufacturing, and public sector entities that utilize IBM Db2 extensively could face significant disruptions. Since the vulnerability requires authenticated access, the risk is heightened if internal user accounts are compromised or if insufficient access controls are in place. The unavailability of database services may also affect compliance with regulatory requirements for service continuity and data availability. Additionally, organizations with interconnected systems relying on Db2 may experience cascading effects, amplifying the operational impact.
Mitigation Recommendations
Organizations should implement strict access controls to limit authenticated user privileges to only those necessary for their roles, reducing the risk of exploitation. Monitoring and logging of SQL queries, especially those containing XML data, should be enhanced to detect anomalous or recursive patterns indicative of exploitation attempts. Network segmentation and database firewalling can help restrict access to trusted users and systems. Until official patches are released by IBM, consider deploying application-layer input validation to detect and block maliciously crafted SQL statements with recursive XML content. Regularly review and update authentication mechanisms, including strong password policies and multi-factor authentication, to prevent unauthorized access. Once IBM releases patches or updates addressing this vulnerability, prioritize their timely deployment. Conduct thorough testing of patches in controlled environments before production rollout to ensure stability.
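The application-layer input validation recommended above can be made concrete with a pre-filter that inspects XML values before they are bound into a Db2 SQL statement. The code below is an added example, not IBM's code and not part of this record: it assumes the application passes XML as statement parameters, uses element nesting depth as the proxy for recursion cost (the record does not say what "recursive" XML looks like internally, so the depth and size limits are assumed policy values to tune per deployment), and uses a streaming parser so the check itself cannot be forced to build a huge tree. The `nested()` helper only generates constructed test input.

```python
"""Pre-database guard for XML parameter values (added example, not IBM code).

Assumption: the application binds XML as string parameters. Depth is used as
the recursion-cost proxy; the limits below are assumed policy values.
"""
import io
import xml.etree.ElementTree as ET

MAX_XML_DEPTH = 64          # assumed policy limit on element nesting
MAX_XML_BYTES = 1_000_000   # assumed size cap applied before parsing


class XmlInputRejected(ValueError):
    """Raised when a supplied XML value fails the pre-database checks."""


def xml_max_depth(xml_text: str, limit: int = MAX_XML_DEPTH) -> int:
    """Return the maximum element nesting depth of xml_text.

    Uses ET.iterparse so depth is measured while streaming; the scan stops and
    rejects the value as soon as the limit is exceeded, and malformed XML is
    rejected rather than passed through to the database.
    """
    data = xml_text.encode("utf-8")
    if len(data) > MAX_XML_BYTES:
        raise XmlInputRejected("xml value exceeds size cap")
    depth = 0
    max_depth = 0
    try:
        for event, _elem in ET.iterparse(io.BytesIO(data), events=("start", "end")):
            if event == "start":
                depth += 1
                if depth > limit:
                    raise XmlInputRejected(f"xml nesting depth exceeds {limit}")
                max_depth = max(max_depth, depth)
            else:
                depth -= 1
    except ET.ParseError as exc:
        raise XmlInputRejected(f"malformed xml: {exc}") from exc
    return max_depth


def is_safe_xml_value(xml_text: str, limit: int = MAX_XML_DEPTH) -> bool:
    """True if the value is well-formed and within the depth/size policy."""
    try:
        xml_max_depth(xml_text, limit)
        return True
    except XmlInputRejected:
        return False


def check_sql_parameters(params) -> bool:
    """Apply the XML guard to every parameter that looks like an XML document.

    Non-XML strings and non-string parameters are passed through untouched;
    the caller should refuse to execute the statement when this returns False.
    """
    for value in params:
        if isinstance(value, str) and value.lstrip().startswith("<"):
            if not is_safe_xml_value(value):
                return False
    return True


def nested(n: int) -> str:
    """Constructed test input: a document nested n elements deep."""
    return "<e>" * n + "</e>" * n


if __name__ == "__main__":
    # Constructed sample parameters: one ordinary string and one XML value.
    sample = ["customer-42", nested(3)]
    print("accepted" if check_sql_parameters(sample) else "rejected")
    print("accepted" if check_sql_parameters([nested(500)]) else "rejected")
```

Run the guard on the parameter list before the statement is handed to the Db2 driver; rejected statements should also be logged with the originating account, which feeds the monitoring of XML-bearing queries recommended above.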
Affected Countries
Germany, United Kingdom, France, Netherlands, Italy, Spain, Sweden, Belgium
Technical Details
- Data Version: 5.2
- Assigner Short Name: ibm
- Date Reserved: 2025-04-15T21:16:05.532Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 697d25d9ac063202227d363d
Added to database: 1/30/2026, 9:42:49 PM
Last enriched: 2/7/2026, 8:33:18 AM
Last updated: 3/24/2026, 12:23:37 AM
Views: 62