CVE-2025-36070 is a vulnerability classified under CWE-770, which pertains to the allocation of resources without proper limits or throttling, found in IBM Db2 for Linux, UNIX, and Windows versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3. The flaw manifests when certain types of database tables are queried, causing the system to allocate excessive resources that can lead to a trap condition, effectively resulting in a denial of service (DoS). This vulnerability can be triggered remotely over the network by an attacker with low-level privileges (PR:L), without requiring user interaction, making it relatively straightforward to exploit. The vulnerability affects the availability of the Db2 database service by causing it to crash or become unresponsive, disrupting normal operations. The absence of resource throttling or limits means that crafted queries can exhaust system resources, leading to service outages. No public exploits have been reported yet, but the vulnerability is published and recognized with a CVSS v3.1 score of 6.5, indicating a medium severity level. IBM has not yet released patches at the time of this report, so organizations must rely on interim mitigations. The vulnerability affects Db2 Connect Server as well, which is often used to connect distributed applications to Db2 databases, broadening the potential attack surface. Given the widespread use of IBM Db2 in enterprise environments, this vulnerability poses a risk to database availability and business continuity.

For European organizations, the primary impact of CVE-2025-36070 is the potential for denial of service on critical database systems running IBM Db2. This can lead to operational downtime, disruption of business processes, and potential financial losses, especially for sectors relying heavily on database availability such as finance, manufacturing, telecommunications, and public services. The vulnerability does not affect confidentiality or integrity directly but compromises availability, which can cascade into broader service outages. Organizations with distributed applications connected via Db2 Connect Server may experience wider impact due to the interconnected nature of their infrastructure. The ease of exploitation without user interaction and only requiring low privileges increases the risk of opportunistic attacks or insider threats. Additionally, the lack of current patches means organizations must implement compensating controls to maintain service continuity. The disruption could also affect compliance with regulatory requirements related to service availability and incident response, particularly under frameworks like GDPR and NIS Directive in Europe.

1. Monitor and analyze database query patterns to detect unusual or resource-intensive queries targeting specific table types. 2. Implement resource governance and query throttling mechanisms within Db2 to limit the impact of excessive resource consumption. 3. Restrict database access privileges to the minimum necessary, especially for users who can execute SELECT queries on sensitive or large tables. 4. Employ network segmentation and firewall rules to limit exposure of Db2 servers to untrusted networks. 5. Regularly review and audit database logs for signs of attempted exploitation or abnormal behavior. 6. Prepare for patch deployment by testing updates in controlled environments once IBM releases official fixes. 7. Consider deploying database high availability and failover solutions to minimize downtime in case of service disruption. 8. Educate database administrators and security teams about this vulnerability and the importance of proactive monitoring. 9. Use application-layer controls to validate and limit query complexity where possible. 10. Coordinate with IBM support for guidance and early access to patches or workarounds.