diff --git a/documentation/modules/auxiliary/admin/http/ibm_drm_download.md b/documentation/modules/auxiliary/admin/http/ibm_drm_download.md
index b2bdce166d..25a7df5ecb 100644
--- a/documentation/modules/auxiliary/admin/http/ibm_drm_download.md
+++ b/documentation/modules/auxiliary/admin/http/ibm_drm_download.md
@@ -4,8 +4,9 @@ IBM Data Risk Manager (IDRM) contains two vulnerabilities that can be chained by
 The first is an unauthenticated bypass, followed by a path traversal.
 This module exploits both vulnerabilities, giving an attacker the ability to download (non-root) files.
 A downloaded file is zipped, and this module also unzips it before storing it in the database.
-By default, this module downloads Tomcat's 1application.properties` files, which contains the database password, amongst other sensitive data.
-At the time of disclosure, this is a 0day. Versions 2.0.3 and 2.0.2 are confirmed to be affected, and the latest 2.0.6 is most likely affected too. Version 2.0.1 is not vulnerable.
+By default, this module downloads Tomcat's application.properties file, which contains the database password, amongst other sensitive data.
+At the time of disclosure, this is was a 0 day, but IBM later patched it and released their advisory.
+Versions 2.0.2 to 2.0.4 are vulnerable, version 2.0.1 is not.
 
 ### Vulnerability information
 For more information about the vulnerability check the advisory at:
diff --git a/documentation/modules/exploit/linux/http/ibm_drm_rce.md b/documentation/modules/exploit/linux/http/ibm_drm_rce.md
index 1626f5ae1e..17a4d56720 100644
--- a/documentation/modules/exploit/linux/http/ibm_drm_rce.md
+++ b/documentation/modules/exploit/linux/http/ibm_drm_rce.md
@@ -3,7 +3,8 @@
 IBM Data Risk Manager (IDRM) contains three vulnerabilities that can be chained by an unauthenticated attacker to achieve remote code execution as root.
 The first is an unauthenticated bypass, followed by a command injection as the server user, and finally abuse of an insecure default password.
 This module exploits all three vulnerabilities, giving the attacker a root shell.
-At the time of disclosure, this is a 0day. Versions 2.0.3 and below are confirmed to be affected, and the latest 2.0.6 is most likely affected too.
+At the time of disclosure this was an 0day, but it was later confirmed and patched by IBM. The authentication bypass works on versions <= 2.0.6.1,
+but the command injection should only work on versions <= 2.0.4 according to IBM.
 
 ### Vulnerability information
 
diff --git a/documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md b/documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md
index 20ac264edd..efb9970726 100644
--- a/documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md
+++ b/documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md
@@ -2,7 +2,7 @@
 This module abuses a known default password in IBM Data Risk Manager.
 The 'a3user' has the default password 'idrm' and allows an attacker to log in to the virtual appliance via SSH.
 This can be escalated to full root access, as 'a3user' has `sudo` access with the default password.
-At the time of disclosure, this is a 0day. Versions <= 2.0.3 are confirmed to be affected, and the latest 2.0.6 is most likely affected too.
+At the time of disclosure this was an 0day, but it was later confirmed and patched by IBM. Versions <= 2.0.6.1 are confirmed to be vulnerable.
 
 ### Vulnerability information
 For more information about the vulnerability, check the advisory at:
diff --git a/modules/auxiliary/admin/http/ibm_drm_download.rb b/modules/auxiliary/admin/http/ibm_drm_download.rb
index 034228e385..dea8053e0e 100644
--- a/modules/auxiliary/admin/http/ibm_drm_download.rb
+++ b/modules/auxiliary/admin/http/ibm_drm_download.rb
@@ -21,8 +21,8 @@ class MetasploitModule < Msf::Auxiliary
 A downloaded file is zipped, and this module also unzips it before storing it in the database.
 By default this module downloads Tomcat's application.properties files, which contains the database password, amongst other sensitive data.
- At the time of disclosure, this is a 0 day. Versions 2.0.3 and 2.0.2 are confirmed to be
- affected, and the latest 2.0.6 is most likely affected too. Version 2.0.1 is not vulnerable.
+ At the time of disclosure, this is was a 0 day, but IBM later patched it and released their advisory.
+ Versions 2.0.2 to 2.0.4 are vulnerable, version 2.0.1 is not.
 },
 'Author' =>
 [
@@ -38,7 +38,8 @@ class MetasploitModule < Msf::Auxiliary
 [ 'CVE', '2020-4427' ], # auth bypass
 [ 'CVE', '2020-4429' ], # insecure default password
 [ 'URL', 'https://github.com/pedrib/PoC/blob/master/advisories/IBM/ibm_drm/ibm_drm_rce.md' ],
- [ 'URL', 'https://seclists.org/fulldisclosure/2020/Apr/33' ]
+ [ 'URL', 'https://seclists.org/fulldisclosure/2020/Apr/33' ],
+ [ 'URL', 'https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-exist-in-ibm-data-risk-manager-cve-2020-4427-cve-2020-4428-cve-2020-4429-and-cve-2020-4430/']
 ],
 'DisclosureDate' => '2020-04-21',
 'Actions' => [
diff --git a/modules/exploits/linux/http/ibm_drm_rce.rb b/modules/exploits/linux/http/ibm_drm_rce.rb
index 185ab065e3..07d92f1cd8 100644
--- a/modules/exploits/linux/http/ibm_drm_rce.rb
+++ b/modules/exploits/linux/http/ibm_drm_rce.rb
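Review bot: The new description line `At the time of disclosure, this is was a 0 day, but IBM later patched it and released their advisory.` carries a stray "is"; it should read `At the time of disclosure, this was a 0 day, but IBM later patched it and released their advisory.` The markdown page for the same module repeats the identical wording in this commit and should be corrected together with it. The %q{} description and the initialize method it sits in begin before the hunk.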
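Review bot: The added IBM bulletin entry ends with `'...cve-2020-4430/']`, dropping the space before `]` that every other entry in this list uses; the same entry added to the a3user module's references has the same inconsistency, while the copy in the rce module is spaced correctly. Separately, this module's references still name only CVE-2020-4427 (auth bypass) and CVE-2020-4429 (default password), although the description says the module chains the bypass with a path traversal and the bulletin URL being added also names CVE-2020-4428 and CVE-2020-4430; whichever of those covers the path traversal should be listed as its own `[ 'CVE', ... ]` entry so the module's metadata matches what it exploits. The References array is opened before the hunk.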
@@ -20,8 +20,9 @@ class MetasploitModule < Msf::Exploit::Remote
 The first is an unauthenticated bypass, followed by a command injection as the server user, and finally abuse of an insecure default password.
 This module exploits all three vulnerabilities, giving the attacker a root shell.
- At the time of disclosure, this is a 0day. Versions 2.0.3 and below are confirmed to be
- affected, and the latest 2.0.6 is most likely affected too.
+ At the time of disclosure this was an 0day, but it was later confirmed and patched by IBM.
+ The authentication bypass works on versions <= 2.0.6.1, but the command injection should only work on
+ versions <= 2.0.4 according to IBM.
 },
 'Author' =>
 [
@@ -34,13 +35,14 @@ class MetasploitModule < Msf::Exploit::Remote
 [ 'CVE', '2020-4428' ], # command injection
 [ 'CVE', '2020-4429' ], # insecure default password
 [ 'URL', 'https://github.com/pedrib/PoC/blob/master/advisories/IBM/ibm_drm/ibm_drm_rce.md' ],
- [ 'URL', 'https://seclists.org/fulldisclosure/2020/Apr/33' ]
+ [ 'URL', 'https://seclists.org/fulldisclosure/2020/Apr/33' ],
+ [ 'URL', 'https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-exist-in-ibm-data-risk-manager-cve-2020-4427-cve-2020-4428-cve-2020-4429-and-cve-2020-4430/' ]
 ],
 'Platform' => 'linux',
 'Arch' => [ ARCH_X86, ARCH_X64 ],
 'Targets' =>
 [
- [ 'IBM Data Risk Manager <= 2.0.3 (<= 2.0.6 possibly affected)', {} ]
+ [ 'IBM Data Risk Manager <= 2.0.4', {} ]
 ],
 'Privileged' => true,
 'DefaultOptions' =>
diff --git a/modules/exploits/linux/ssh/ibm_drm_a3user.rb b/modules/exploits/linux/ssh/ibm_drm_a3user.rb
index 3e1f13c010..3afe8becc7 100644
--- a/modules/exploits/linux/ssh/ibm_drm_a3user.rb
+++ b/modules/exploits/linux/ssh/ibm_drm_a3user.rb
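Review bot: The new description line `At the time of disclosure this was an 0day, but it was later confirmed and patched by IBM.` uses the wrong article; "0day" is read as "zero-day", so it should be `At the time of disclosure this was a 0day, but it was later confirmed and patched by IBM.` The same phrase is added to the a3user module description and to both exploit markdown pages in this commit. The version split the text now states (bypass on <= 2.0.6.1, command injection only on <= 2.0.4) is consistent with the `'IBM Data Risk Manager <= 2.0.4'` target name in the following hunk, which is the right choice since the target describes what the module can actually exploit. The %q{} description is opened before the hunk.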
@@ -17,8 +17,8 @@ class MetasploitModule < Msf::Exploit::Remote
 This module abuses a known default password in IBM Data Risk Manager.
 The 'a3user' has the default password 'idrm' and allows an attacker to log in to the virtual appliance via SSH.
 This can be escalate to full root access, as 'a3user' has sudo access with the default password.
- At the time of disclosure, this is a 0day. Versions <= 2.0.3 are confirmed to be
- affected, and the latest 2.0.6 is most likely affected too.
+ At the time of disclosure this was an 0day, but it was later confirmed and patched by IBM.
+ Versions <= 2.0.6.1 are confirmed to be vulnerable.
 },
 'License' => MSF_LICENSE,
 'Author' =>
@@ -29,7 +29,8 @@ class MetasploitModule < Msf::Exploit::Remote
 [
 [ 'CVE', '2020-4429' ], # insecure default password
 [ 'URL', 'https://github.com/pedrib/PoC/blob/master/advisories/IBM/ibm_drm/ibm_drm_rce.md' ],
- [ 'URL', 'https://seclists.org/fulldisclosure/2020/Apr/33' ]
+ [ 'URL', 'https://seclists.org/fulldisclosure/2020/Apr/33' ],
+ [ 'URL', 'https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-exist-in-ibm-data-risk-manager-cve-2020-4427-cve-2020-4428-cve-2020-4429-and-cve-2020-4430/']
 ],
 'Payload' =>
 {
@@ -42,7 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote
 'Arch' => ARCH_CMD,
 'Targets' =>
 [
- [ 'IBM Data Risk Manager <= 2.0.3 (<= 2.0.6 possibly affected)', {} ]
+ [ 'IBM Data Risk Manager <= 2.0.6.1', {} ]
 ],
 'Privileged' => true,
 'DefaultTarget' => 0,