diff --git a/documentation/modules/auxiliary/admin/http/ibm_drm_download.md b/documentation/modules/auxiliary/admin/http/ibm_drm_download.md
index b2bdce166dbc6..25a7df5ecb503 100644
--- a/documentation/modules/auxiliary/admin/http/ibm_drm_download.md
+++ b/documentation/modules/auxiliary/admin/http/ibm_drm_download.md
@@ -4,8 +4,9 @@ IBM Data Risk Manager (IDRM) contains two vulnerabilities that can be chained by
 The first is an unauthenticated bypass, followed by a path traversal. This module exploits both vulnerabilities, giving an attacker the ability to download (non-root) files. A downloaded file is zipped, and this module also unzips it before storing it in the database.
-By default, this module downloads Tomcat's 1application.properties` files, which contains the database password, amongst other sensitive data.
-At the time of disclosure, this is a 0day. Versions 2.0.3 and 2.0.2 are confirmed to be affected, and the latest 2.0.6 is most likely affected too. Version 2.0.1 is not vulnerable.
+By default, this module downloads Tomcat's application.properties file, which contains the database password, amongst other sensitive data.
+At the time of disclosure, this is was a 0 day, but IBM later patched it and released their advisory.
+Versions 2.0.2 to 2.0.4 are vulnerable, version 2.0.1 is not.
 ### Vulnerability information
 For more information about the vulnerability check the advisory at:
diff --git a/documentation/modules/exploit/linux/http/ibm_drm_rce.md b/documentation/modules/exploit/linux/http/ibm_drm_rce.md
index 1626f5ae1eaaa..17a4d56720cc9 100644
--- a/documentation/modules/exploit/linux/http/ibm_drm_rce.md
+++ b/documentation/modules/exploit/linux/http/ibm_drm_rce.md
@@ -3,7 +3,8 @@ IBM Data Risk Manager (IDRM) contains three vulnerabilities that can be chained by an unauthenticated attacker to achieve remote code execution as root.
 The first is an unauthenticated bypass, followed by a command injection as the server user, and finally abuse of an insecure default password. This module exploits all three vulnerabilities, giving the attacker a root shell.
-At the time of disclosure, this is a 0day. Versions 2.0.3 and below are confirmed to be affected, and the latest 2.0.6 is most likely affected too.
+At the time of disclosure this was an 0day, but it was later confirmed and patched by IBM. The authentication bypass works on versions <= 2.0.6.1,
+but the command injection should only work on versions <= 2.0.4 according to IBM.
 ### Vulnerability information
diff --git a/documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md b/documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md
index 20ac264edd28d..efb9970726745 100644
--- a/documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md
+++ b/documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md
@@ -2,7 +2,7 @@ This module abuses a known default password in IBM Data Risk Manager.
 The 'a3user' has the default password 'idrm' and allows an attacker to log in to the virtual appliance via SSH. This can be escalated to full root access, as 'a3user' has `sudo` access with the default password.
-At the time of disclosure, this is a 0day. Versions <= 2.0.3 are confirmed to be affected, and the latest 2.0.6 is most likely affected too.
+At the time of disclosure this was an 0day, but it was later confirmed and patched by IBM. Versions <= 2.0.6.1 are confirmed to be vulnerable.
 ### Vulnerability information
 For more information about the vulnerability, check the advisory at:
diff --git a/modules/auxiliary/admin/http/ibm_drm_download.rb b/modules/auxiliary/admin/http/ibm_drm_download.rb
index 034228e385c5d..dea8053e0e33b 100644
--- a/modules/auxiliary/admin/http/ibm_drm_download.rb
+++ b/modules/auxiliary/admin/http/ibm_drm_download.rb
@@ -21,8 +21,8 @@ def initialize(info = {})
 A downloaded file is zipped, and this module also unzips it before storing it in the database. By default this module downloads Tomcat's application.properties files, which contains the database password, amongst other sensitive data.
- At the time of disclosure, this is a 0 day. Versions 2.0.3 and 2.0.2 are confirmed to be
- affected, and the latest 2.0.6 is most likely affected too. Version 2.0.1 is not vulnerable.
+ At the time of disclosure, this is was a 0 day, but IBM later patched it and released their advisory.
+ Versions 2.0.2 to 2.0.4 are vulnerable, version 2.0.1 is not.
 },
 'Author' =>
 [
@@ -38,7 +38,8 @@ def initialize(info = {})
 [ 'CVE', '2020-4427' ], # auth bypass
 [ 'CVE', '2020-4429' ], # insecure default password
 [ 'URL', 'https://github.com/pedrib/PoC/blob/master/advisories/IBM/ibm_drm/ibm_drm_rce.md' ],
- [ 'URL', 'https://seclists.org/fulldisclosure/2020/Apr/33' ]
+ [ 'URL', 'https://seclists.org/fulldisclosure/2020/Apr/33' ],
+ [ 'URL', 'https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-exist-in-ibm-data-risk-manager-cve-2020-4427-cve-2020-4428-cve-2020-4429-and-cve-2020-4430/']
 ],
 'DisclosureDate' => '2020-04-21',
 'Actions' => [
diff --git a/modules/exploits/linux/http/ibm_drm_rce.rb b/modules/exploits/linux/http/ibm_drm_rce.rb
index 185ab065e36e5..07d92f1cd8f38 100644
--- a/modules/exploits/linux/http/ibm_drm_rce.rb
+++ b/modules/exploits/linux/http/ibm_drm_rce.rb
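Review bot: The new description line `At the time of disclosure, this is was a 0 day, but IBM later patched it and released their advisory.` carries a typo ("is was"); it should read `At the time of disclosure this was a 0 day, but IBM later patched it and released their advisory.`, and the identical sentence is added to documentation/modules/auxiliary/admin/http/ibm_drm_download.md in the first hunk of this patch. The new range `Versions 2.0.2 to 2.0.4 are vulnerable, version 2.0.1 is not.` also disagrees at first sight with ibm_drm_rce.rb in this same commit, which states that the shared auth bypass (CVE-2020-4427) still works up to 2.0.6.1; if the narrower range here is because the path-traversal step is fixed after 2.0.4, saying so in the description (e.g. `the auth bypass alone reaches 2.0.6.1, but the traversal this module relies on is fixed after 2.0.4`) would stop readers from assuming one of the two modules is wrong, so please confirm against the IBM bulletin. The enclosing initialize(info = {}) starts and ends outside the hunk.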
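Review bot: The added reference line ends in `/']` while every other entry in this array, and the same line added to ibm_drm_rce.rb, closes with `' ]`; `[ 'URL', 'https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-exist-in-ibm-data-risk-manager-cve-2020-4427-cve-2020-4428-cve-2020-4429-and-cve-2020-4430/' ]` keeps the array consistent, and the same spacing slip is in the references hunk of ibm_drm_a3user.rb. Separately, the bulletin URL being added names CVE-2020-4430 next to the two CVEs already listed, and this module's description says it exploits a path traversal that has no CVE entry here; if CVE-2020-4430 is that traversal, it belongs in this list as `[ 'CVE', '2020-4430' ], # path traversal` so that searches by CVE identifier find the module.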
@@ -20,8 +20,9 @@ def initialize(info = {})
 The first is an unauthenticated bypass, followed by a command injection as the server user, and finally abuse of an insecure default password. This module exploits all three vulnerabilities, giving the attacker a root shell.
- At the time of disclosure, this is a 0day. Versions 2.0.3 and below are confirmed to be
- affected, and the latest 2.0.6 is most likely affected too.
+ At the time of disclosure this was an 0day, but it was later confirmed and patched by IBM.
+ The authentication bypass works on versions <= 2.0.6.1, but the command injection should only work on
+ versions <= 2.0.4 according to IBM.
 },
 'Author' =>
 [
@@ -34,13 +35,14 @@ def initialize(info = {})
 [ 'CVE', '2020-4428' ], # command injection
 [ 'CVE', '2020-4429' ], # insecure default password
 [ 'URL', 'https://github.com/pedrib/PoC/blob/master/advisories/IBM/ibm_drm/ibm_drm_rce.md' ],
- [ 'URL', 'https://seclists.org/fulldisclosure/2020/Apr/33' ]
+ [ 'URL', 'https://seclists.org/fulldisclosure/2020/Apr/33' ],
+ [ 'URL', 'https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-exist-in-ibm-data-risk-manager-cve-2020-4427-cve-2020-4428-cve-2020-4429-and-cve-2020-4430/' ]
 ],
 'Platform' => 'linux',
 'Arch' => [ ARCH_X86, ARCH_X64 ],
 'Targets' =>
 [
- [ 'IBM Data Risk Manager <= 2.0.3 (<= 2.0.6 possibly affected)', {} ]
+ [ 'IBM Data Risk Manager <= 2.0.4', {} ]
 ],
 'Privileged' => true,
 'DefaultOptions' =>
diff --git a/modules/exploits/linux/ssh/ibm_drm_a3user.rb b/modules/exploits/linux/ssh/ibm_drm_a3user.rb
index 3e1f13c0106ed..3afe8becc7ded 100644
--- a/modules/exploits/linux/ssh/ibm_drm_a3user.rb
+++ b/modules/exploits/linux/ssh/ibm_drm_a3user.rb
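Review bot: `At the time of disclosure this was an 0day, but it was later confirmed and patched by IBM.` should use `a 0day` ("0day" is read as "zero-day"), and the download module's description in this same commit already spells it `a 0 day`, so the three modules would benefit from one agreed spelling; the same `an 0day` wording is added in ibm_drm_a3user.rb and in both markdown docs. The new version statement is a real improvement, but with the target label below cut to `<= 2.0.4` it would help operators to state the consequence explicitly, e.g. `On 2.0.5 to 2.0.6.1 the authentication bypass is expected to succeed while the command injection stage fails.`, so a failure on those versions is read as expected rather than as a module bug; this is inferred from the description's own wording and should be checked against the IBM bulletin. The enclosing initialize(info = {}) starts and ends outside the hunk.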
@@ -17,8 +17,8 @@ def initialize(info = {})
 This module abuses a known default password in IBM Data Risk Manager. The 'a3user' has the default password 'idrm' and allows an attacker to log in to the virtual appliance via SSH. This can be escalate to full root access, as 'a3user' has sudo access with the default password.
- At the time of disclosure, this is a 0day. Versions <= 2.0.3 are confirmed to be
- affected, and the latest 2.0.6 is most likely affected too.
+ At the time of disclosure this was an 0day, but it was later confirmed and patched by IBM.
+ Versions <= 2.0.6.1 are confirmed to be vulnerable.
 },
 'License' => MSF_LICENSE,
 'Author' =>
@@ -29,7 +29,8 @@ def initialize(info = {})
 [
 [ 'CVE', '2020-4429' ], # insecure default password
 [ 'URL', 'https://github.com/pedrib/PoC/blob/master/advisories/IBM/ibm_drm/ibm_drm_rce.md' ],
- [ 'URL', 'https://seclists.org/fulldisclosure/2020/Apr/33' ]
+ [ 'URL', 'https://seclists.org/fulldisclosure/2020/Apr/33' ],
+ [ 'URL', 'https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-exist-in-ibm-data-risk-manager-cve-2020-4427-cve-2020-4428-cve-2020-4429-and-cve-2020-4430/']
 ],
 'Payload' =>
 {
@@ -42,7 +43,7 @@ def initialize(info = {})
 'Arch' => ARCH_CMD,
 'Targets' =>
 [
- [ 'IBM Data Risk Manager <= 2.0.3 (<= 2.0.6 possibly affected)', {} ]
+ [ 'IBM Data Risk Manager <= 2.0.6.1', {} ]
 ],
 'Privileged' => true,
 'DefaultTarget' => 0,