IBM has issued a security warning urging users to patch a critical authentication bypass vulnerability in its API Connect platform, which could allow attackers to access applications remotely without authorization. The flaw affects multiple versions and has a severity rating of 9.8/10, with potentially widespread impacts across industries like banking and healthcare.
Key points
- IBM’s API Connect platform has a critical vulnerability that could let remote attackers access applications without authorization.
- The security flaw is tracked as CVE-2025-13915 and affects specific versions of API Connect.
- Successful exploitation does not require user interaction and allows bypassing authentication.
- IBM recommends upgrading to the latest software release or disabling self-service sign-up as mitigation.
- Regulatory agencies like CISA have flagged past IBM vulnerabilities as actively exploited in the wild.