IBM i Access Client Solutions code execution

CVE-2023-45185

8.8HIGH

Key Information

Vendor: IBM
Status: I Access Client Solutions
Vendor: Published:; 14 December 2023

Badges

👾 Exploit Exists🙃 Public PoC

Summary

IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to execute remote code. Due to improper authority checks the attacker could perform operations on the PC under the user's authority. IBM X-Force ID: 268273.

Affected Version(s)

i Access Client Solutions <= 1.1.4

i Access Client Solutions <= 1.1.9.3

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-45185
Created by afine-com

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

HIGH

Integrity:

HIGH

Availability:

HIGH

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Timeline

👾
Exploit exists.
May 1, 2024
Vulnerability published.
Dec 14, 2023
Vulnerability Reserved.
Oct 5, 2023

Collectors

NVD DatabaseMitre Database1 Proof of Concept(s)