IBM AIX privilege escalation
CVE-2023-26286

8.4HIGH

Key Information:

Vendor
IBM
Status
Vendor
CVE Published:
26 April 2023

Summary

A vulnerability in the AIX runtime services library affects multiple versions of IBM AIX and VIOS, potentially allowing a non-privileged local user to execute arbitrary commands. This can lead to unauthorized control over the system, compromising its integrity and security. Users should review security measures and apply patches to safeguard against potential exploits.

Affected Version(s)

AIX 7.1, 7.2, 7.3, VIOS 3.1

References

CVSS V3.1

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.