Cyber Security News

IBM Warns of AIX Vulnerabilities Allowing Arbitrary Command Execution

IBM has recently issued a critical security warning regarding vulnerabilities in its AIX operating system that could allow remote attackers to execute arbitrary commands.

The vulnerabilities, identified as CVE-2024-56346 and CVE-2024-56347, were discovered in the IBM AIX nimesis NIM master service and the nimsh service SSL/TLS protection mechanisms.

Affected Product

The vulnerabilities impact versions 7.2 and 7.3 of the AIX operating system. Here is a summary of the affected products and versions:

Affected ProductVersion(s)Fileset(s)
AIX7.2bos.sysmgt.nim.client, bos.sysmgt.nim.master, bos.sysmgt.sysbr
AIX7.3bos.sysmgt.nim.client, bos.sysmgt.nim.master, bos.sysmgt.sysbr

Vulnerability Details

  • CVE-2024-56346: This vulnerability affects the IBM AIX nimesis NIM master service, allowing a remote attacker to execute arbitrary commands due to improper process controls. The CVSS Base Score is 10, indicating a high severity level.
  • CVE-2024-56347: This vulnerability affects the IBM AIX nimsh service SSL/TLS protection mechanisms. Similar to CVE-2024-56346, it also allows remote attackers to execute arbitrary commands due to improper process controls. The CVSS Base Score is 9.6, indicating a severe impact.

Both vulnerabilities fall under CWE-114: Process Control, which highlights a failure to properly manage the execution of processes, leading to potential security breaches.

Remediation/Fixes

IBM has provided specific fixes for these vulnerabilities through APARs (Authorized Program Analysis Reports) for different versions of AIX:

  • AIX 7.2.5: APAR IJ53757 with Service Pack 10.
  • AIX 7.3.1: APAR IJ53929.
  • AIX 7.3.2: APAR IJ53923 with Service Pack 04.
  • AIX 7.3.3: APAR IJ53792 with Service Pack 01.

Additionally, VIOS users can update using APARs specific to their versions. It is crucial to check the installed filesets using the lslpp command and apply the necessary patches to mitigate these serious security risks.

IBM emphasizes the importance of regular system maintenance and prompt application of security fixes to protect against potential threats.

Users should ensure that all affected systems are updated with the latest patches to safeguard their networks.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

BFDOOR Malware Targets Organizations to Establish Long-Term Persistence

The BPFDoor malware has emerged as a significant threat targeting domestic and international organizations, particularly…

4 hours ago

Uncovering the Security Risks of Data Exposure in AI-Powered Tools like Snowflake’s CORTEX

As artificial intelligence continues to reshape the technological landscape, tools like Snowflake’s CORTEX Search Service…

5 hours ago

UNC3944 Hackers Shift from SIM Swapping to Ransomware and Data Extortion

UNC3944, a financially-motivated threat actor also linked to the group known as Scattered Spider, has…

5 hours ago

Over 2,800 Hacked Websites Targeting MacOS Users with AMOS Stealer Malware

Cybersecurity researcher has uncovered a massive malware campaign targeting MacOS users through approximately 2,800 compromised…

5 hours ago

Hackers Bypass AI Filters from Microsoft, Nvidia, and Meta Using a Simple Emoji

Cybersecurity researchers have uncovered a critical flaw in the content moderation systems of AI models…

6 hours ago

Microsoft Alerts That Default Helm Charts May Expose Kubernetes Apps to Data Leaks

Microsoft’s cybersecurity research team has issued a stark warning about the risks of using default…

6 hours ago