
CVE-2025-36035: CWE-770 Allocation of Resources Without Limits or Throttling in IBM PowerVM Hypervisor

Severity: Medium
Tags: Vulnerability, CVE-2025-36035, cve, cve-2025-36035, cwe-770
Published: Sun Sep 14 2025 (09/14/2025, 12:52:48 UTC)
Source: CVE Database V5
Vendor/Project: IBM
Product: PowerVM Hypervisor

Description

IBM PowerVM Hypervisor FW950.00 through FW950.E0, FW1050.00 through FW1050.50, and FW1060.00 through FW1060.40 could allow a local privileged user to cause a denial of service by issuing a specially crafted IBM i hypervisor call that would disclose memory contents or consume excessive memory resources.

AI-Powered Analysis

Last updated: 09/15/2025, 00:10:17 UTC

Technical Analysis

CVE-2025-36035 is a vulnerability identified in IBM PowerVM Hypervisor versions FW950.00 through FW950.E0, FW1050.00 through FW1050.50, and FW1060.00 through FW1060.40. The flaw is categorized under CWE-770, which covers allocation of resources without limits or throttling. Specifically, a local privileged user can exploit this vulnerability by issuing a specially crafted IBM i hypervisor call. This call can lead to two primary adverse effects: disclosure of memory contents and excessive consumption of memory resources. The excessive memory consumption can cause a denial of service (DoS) condition, impacting the availability of the hypervisor and any virtual machines running on it. The vulnerability requires local privileged access, meaning the attacker must already have elevated permissions on the host system.

The CVSS v3.1 base score is 6.7 (medium severity), with vector AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:H. This decodes as a local attack vector (AV:L), low attack complexity (AC:L), high privileges required (PR:H), no user interaction (UI:N), a changed scope (S:C), low confidentiality impact (C:L, the memory disclosure), no integrity impact (I:N), and high availability impact (A:H, the DoS). No known exploits are reported in the wild as of the publication date.

The vulnerability affects IBM PowerVM Hypervisor firmware versions widely used in enterprise environments for virtualization on IBM Power Systems hardware. The flaw arises from insufficient throttling or limits on resource allocation when processing hypervisor calls, allowing resource exhaustion and leakage of memory contents.

Potential Impact

For European organizations using IBM PowerVM Hypervisor, especially those relying on IBM Power Systems for critical workloads, this vulnerability poses a significant risk to system availability and confidentiality. The denial of service caused by resource exhaustion could lead to downtime of virtualized environments, disrupting business operations, especially in sectors like finance, manufacturing, and government where IBM Power Systems are prevalent. The partial memory disclosure could expose sensitive information residing in hypervisor memory, potentially leaking data from other virtual machines or the host. Given the requirement for local privileged access, the threat is more relevant in environments where multiple administrators or users have elevated privileges or where insider threats exist. The scope change in the vulnerability means that the impact extends beyond the initially compromised component, potentially affecting other virtual machines and services running on the same hypervisor, increasing the blast radius. European organizations with strict data protection regulations (e.g., GDPR) must consider the confidentiality impact seriously, as memory disclosure could lead to unauthorized data exposure. The lack of known exploits in the wild reduces immediate risk but does not eliminate the threat, especially if attackers develop exploits targeting this vulnerability.

Mitigation Recommendations

1. Apply patches and firmware updates from IBM as soon as they become available for the affected PowerVM Hypervisor versions. Regularly monitor IBM security advisories for updates.
2. Restrict local privileged access strictly to trusted administrators and implement strong access controls and auditing to detect any unauthorized or suspicious hypervisor calls.
3. Employ robust monitoring of hypervisor resource usage to detect abnormal memory consumption patterns that could indicate exploitation attempts.
4. Use virtualization security best practices such as isolating critical workloads, limiting the number of privileged users, and employing role-based access controls (RBAC) to minimize the risk of insider threats.
5. Consider implementing additional memory protection mechanisms or hypervisor-level security controls if supported by the environment to limit the impact of memory disclosure.
6. Conduct regular security assessments and penetration testing focusing on hypervisor security to identify potential exploitation vectors.
7. Prepare incident response plans specifically addressing hypervisor-level DoS and data leakage scenarios to ensure rapid containment and recovery.
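To support recommendation 1, the following added example (not IBM's code and not part of the original entry) checks firmware levels against the affected ranges listed in the description. It assumes levels are supplied in the FWnnn.xx form used above and that the two-character suffix orders with digits before letters; the inventory names and levels are constructed.

```python
import re

# Affected ranges exactly as listed in the CVE description (inclusive).
AFFECTED = {
    "FW950": ("00", "E0"),
    "FW1050": ("00", "50"),
    "FW1060": ("00", "40"),
}

LEVEL_RE = re.compile(r"^(FW\d{3,4})\.([0-9A-Z]{2})$")

def parse_level(level):
    """Split 'FW950.E0' into ('FW950', 'E0'); raise ValueError otherwise."""
    m = LEVEL_RE.match(level.strip().upper())
    if not m:
        raise ValueError(f"unrecognised firmware level: {level!r}")
    return m.group(1), m.group(2)

def is_affected(level):
    """True if the level falls inside a range listed for CVE-2025-36035.

    Assumption: suffixes order as two-character strings with digits before
    letters (00 < 10 < ... < 90 < A0 < ... < E0), which is what plain
    ASCII string comparison gives.
    """
    release, suffix = parse_level(level)
    if release not in AFFECTED:
        return False  # release stream not named in the description
    low, high = AFFECTED[release]
    return low <= suffix <= high

def triage(inventory):
    """Map {system: level} to 'affected', 'not listed' or 'unparsed'."""
    result = {}
    for name, level in inventory.items():
        try:
            result[name] = "affected" if is_affected(level) else "not listed"
        except ValueError:
            result[name] = "unparsed"  # needs manual review, never assumed safe
    return result

# Constructed inventory for illustration only.
SAMPLE = {"pwr-a": "FW950.E0", "pwr-b": "fw1060.50", "pwr-c": "FW1030.20",
          "pwr-d": "FW1050.50", "pwr-e": "n/a"}

if __name__ == "__main__":
    for name, status in triage(SAMPLE).items():
        print(f"{name}: {status}")
```

A result of "not listed" only means the level is outside the ranges named in this entry; confirm against IBM's advisory before treating a system as unaffected.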

Technical Details

Data Version: 5.1
Assigner Short Name: ibm
Date Reserved: 2025-04-15T21:16:09.684Z
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 68c7591939776bc2a1466a67

Added to database: 9/15/2025, 12:08:57 AM

Last enriched: 9/15/2025, 12:10:17 AM

Last updated: 9/15/2025, 2:47:39 AM
