IBM FSP Vulnerability: Static Credentials May Allow Network Users to Gain Service Privileges
CVE-2024-45656

9.8CRITICAL

Key Information:

Vendor: IBM
Status: Flexible Service Processor
Vendor: CVE Published:; 29 October 2024

What is CVE-2024-45656?

The IBM Flexible Service Processor is affected by a vulnerability due to the presence of static credentials within multiple firmware versions, including FW860.00 to FW860.B3, FW950.00 to FW950.C0, FW1030.00 to FW1030.61, FW1050.00 to FW1050.21, and FW1060.00 to FW1060.10. This security issue enables unauthorized network users to potentially gain service privileges, posing a risk to the integrity and security of the system. It is essential for organizations using impacted firmware versions to address this vulnerability promptly to safeguard their environments.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Flexible Service Processor FW860.00

Flexible Service Processor FW950.00

Flexible Service Processor FW1030.00

References

https://www.ibm.com/support/pages/node/7174183

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 29, 2024
Vulnerability Reserved
Sep 3, 2024

JSON

IBM

What is CVE-2024-45656?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.