Vulnerabilities

Critical SQL Injection Flaw Found in IBM Watsonx Platform

IBM reveals a critical SQL injection flaw in Watsonx Orchestrate, urging immediate updates to protect sensitive data and AI workflows.

By Content Team

Sep 1, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

IBM disclosed a serious blind SQL injection vulnerability (CVE-2025-0165) in its Watsonx Orchestrate Cartridge for Cloud Pak Data, earning a 7.6 CVSS score. The flaw stems from improper input sanitization, allowing attackers with low-level access to inject malicious SQL commands through exposed API endpoints.

Attackers could potentially read confidential data, modify user permissions, delete critical information, or insert malicious entries into backend databases. The vulnerability affects versions 4.8.4-4.8.5 and 5.0.0-5.2.

IBM urges immediate upgrades to version 5.2.0.1, which includes strict input validation and parameterized queries. No workarounds exist, making prompt patching essential for protecting AI-driven workflows.

Source: Cyber Security News

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Pennsylvania Community College Shuts Down After Ransomware Attack Encrypts All Data

Mar 13, 2026

TeamPCP Hackers Compromise Official Telnyx Python Package in Supply Chain Attack

Mar 28, 2026

Nearly 1 Million User Records Compromised in Figure Data Breach

Feb 19, 2026

FortiGate Firewalls Under Attack: Hackers Exploit Critical Vulnerabilities to Steal Corporate Credentials

Mar 15, 2026