CVE-2025-36368: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, and 6.2.1.0 through 6.2.1.1_1 are vulnerable to SQL injection. An administrative user could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.
AI Analysis
Technical Summary
CVE-2025-36368 is an SQL injection vulnerability classified under CWE-89 affecting IBM Sterling B2B Integrator and IBM Sterling File Gateway across multiple versions (6.1.0.0 to 6.1.2.7_2, 6.2.0.0 to 6.2.0.5_1, and 6.2.1.0 to 6.2.1.1_1). The flaw arises from improper neutralization of special elements in SQL commands, allowing an attacker with administrative privileges to inject malicious SQL queries. This can lead to unauthorized access to the backend database, enabling the attacker to view, add, modify, or delete critical data. The vulnerability is remotely exploitable without user interaction but requires high privileges (administrative access). The CVSS 3.1 score of 6.5 reflects medium severity, with high impact on confidentiality and integrity but no impact on availability. No patches are currently linked, and no known exploits are reported in the wild, indicating the vulnerability is newly disclosed. The affected products are widely used in enterprise B2B data exchange and file transfer environments, making this vulnerability significant for organizations relying on IBM Sterling solutions for secure business communications.
Potential Impact
The exploitation of CVE-2025-36368 can have serious consequences for organizations using IBM Sterling B2B Integrator and File Gateway. An attacker with administrative access can manipulate backend databases, leading to unauthorized disclosure of sensitive business data, alteration of transaction records, or deletion of critical information. This compromises data confidentiality and integrity, potentially disrupting business operations and damaging trust with partners. Since these products are integral to B2B communications and file transfers, successful exploitation could affect supply chain processes, financial transactions, and regulatory compliance. Although availability is not directly impacted, the indirect effects of data corruption or loss could cause operational downtime and recovery costs. The requirement for administrative privileges limits the attack surface but also implies that insider threats or compromised admin accounts pose a significant risk. Organizations worldwide that depend on these IBM products for secure data exchange are at risk of data breaches and operational disruptions if this vulnerability is not addressed.
Mitigation Recommendations
Organizations should immediately assess their deployment of IBM Sterling B2B Integrator and File Gateway to identify affected versions. Since no patches are currently linked, administrators should implement strict access controls to limit administrative privileges only to trusted personnel and monitor administrative activities for suspicious behavior. Employ network segmentation and firewall rules to restrict access to management interfaces from untrusted networks. Enable detailed logging and alerting on database queries and administrative commands to detect potential exploitation attempts. Consider deploying Web Application Firewalls (WAFs) with custom rules to detect and block SQL injection patterns targeting the affected interfaces. Regularly review and update credentials, enforce multi-factor authentication for administrative access, and conduct security awareness training to reduce insider threat risks. Stay informed on IBM security advisories for forthcoming patches or updates and apply them promptly once available. Conduct penetration testing and vulnerability assessments focusing on SQL injection vectors in the affected systems to validate mitigation effectiveness.
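As an added example (not IBM's tooling and not code from this page), the first step above, identifying affected versions, can be scripted against an inventory export using the three ranges the advisory lists. The `a.b.c.d_n` ordering rule, the function names and the sample hostnames and versions are assumptions made for illustration.

```python
import re

# Affected ranges exactly as listed in the advisory text (inclusive bounds).
AFFECTED_RANGES = [
    ("6.1.0.0", "6.1.2.7_2"),
    ("6.2.0.0", "6.2.0.5_1"),
    ("6.2.1.0", "6.2.1.1_1"),
]

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)(?:_(\d+))?$")

def parse_version(text):
    """Return a comparable 5-tuple, or None if the string is not recognised.

    Assumption: 'a.b.c.d_n' sorts after 'a.b.c.d', so a missing suffix is 0.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    return tuple(int(g) if g is not None else 0 for g in m.groups())

def classify(version):
    """Return 'affected', 'not-listed' or 'unparseable' for one version string."""
    parsed = parse_version(version)
    if parsed is None:
        return "unparseable"  # surface for manual review instead of guessing
    for low, high in AFFECTED_RANGES:
        if parse_version(low) <= parsed <= parse_version(high):
            return "affected"
    return "not-listed"  # outside the advisory's ranges; not proof of a fix

def triage(inventory):
    """Map each host in a {host: version} inventory to its classification."""
    return {host: classify(ver) for host, ver in inventory.items()}

# Constructed sample inventory (hostnames and versions are made up for the demo).
SAMPLE_INVENTORY = {
    "b2bi-prod-01": "6.1.2.7_2",
    "b2bi-prod-02": "6.1.2.7_3",
    "sfg-dr-01": "6.2.0.3",
    "sfg-test-01": "6.2.1.1_2",
    "b2bi-legacy": "v6.0",
}

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_INVENTORY).items():
        print(f"{host:14} {SAMPLE_INVENTORY[host]:10} {verdict}")
```

Hosts reported as `unparseable` or `not-listed` still need a manual check against the vendor advisory, since the ranges here cover only what this page states.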
Affected Countries
United States, Germany, United Kingdom, Japan, India, Canada, Australia, France, Netherlands, Singapore
Technical Details
- Data Version: 5.2
- Assigner Short Name: ibm
- Date Reserved: 2025-04-15T21:16:55.332Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 69b4732e2f860ef943a92616
Added to database: 3/13/2026, 8:27:26 PM
Last enriched: 3/21/2026, 12:38:42 AM
Last updated: 4/28/2026, 7:25:59 AM