IBM Product Security Update Advisory

Overview

 

We have released a security update to fix vulnerabilities in IBM products. Users of affected products are advised to update to the latest version.
 

 

Affected Products

 

CVE-2025-33076, CVE-2025-33077

 

IBM Engineering Systems Design Rhapsody Version: 9.0.2
IBM Engineering Systems Design Rhapsody Version: 10.0
IBM Engineering Systems Design Rhapsody Version: 10.0.1

 

 

Resolved Vulnerabilities

 

Stack-based buffer overflow vulnerability due to improper boundary validation in IBM Engineering Systems Design Rhapsody (CVE-2025-33076)
Stack-based buffer overflow vulnerability due to improper boundary validation in IBM Engineering Systems Design Rhapsody (CVE-2025-33077)

 

 

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2025-33076, CVE-2025-33077

 

IBM Engineering Systems Design Rhapsody Version: 9.0.2 iFix004
IBM Engineering Systems Design Rhapsody Version: 10.0 iFix002
IBM Engineering Systems Design Rhapsody Version: 10.0.1 iFix003

 

 

References

 

[1] Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2025-33076
https://www.ibm.com/support/pages/node/7240368
[2] Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2025-33077
https://www.ibm.com/support/pages/node/7240375