IBM Security QRadar EDR: Sensitive data can be decrypted by attackers

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.5

IBM Security QRadar EDR: Sensitive data can be decrypted by attackers

CVE-2025-36379

Summary

IBM Security QRadar EDR versions 3.12 through 3.12.23 use outdated encryption that could let hackers access confidential information. This makes it a high-risk situation for organizations using these versions. Update to a fixed version to protect sensitive data.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
ibm	qradar_edr	> 3.12.0 , <= 3.12.24	–

Original title

IBM Security QRadar EDR 3.12 through 3.12.23 IBM Security ReaQta uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

Original description

IBM Security QRadar EDR 3.12 through 3.12.23 IBM Security ReaQta uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

nvd CVSS3.1 7.5

Vulnerability type

CWE-326 Inadequate Encryption Strength

https://www.ibm.com/support/pages/node/7260390 Vendor Advisory

Published: 17 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026