CRITICAL🇵🇱 Wersja polska

CVE-2024-23621

CVSS 10.0v3.1pub. 2024-01-26upd. 2024-11-21

A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution.

🤖 AI Analysis
How it works

The vulnerability results from incorrect buffer size calculation (CWE-131) and lack of proper boundary verification when copying data to the buffer (CWE-120 — classic buffer overflow). An attacker can send a specially crafted network request to the license server without the need for authentication, causing buffer overflow. This results in the possibility of taking control over the program execution flow and executing arbitrary code in the context of the license server process.

Impact

A remote, unauthenticated attacker can gain full control over the system by executing arbitrary code (RCE), which potentially leads to violation of confidentiality, integrity, and availability of the system and data.

Mitigation & patch

Patches available from the vendor should be applied in accordance with the references. Additionally, it is recommended to restrict network access to the license server exclusively to trusted hosts using a firewall and to monitor network traffic directed to this component.

Who is affected

IBM Merge Healthcare eFilm Workstation — specific versions indicated in vendor references and Exodus Intel publication

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • IBM Merge Efilm Workstation

    APP
    Ibm
    ≤ 4.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEAuth BypassMemory
CWE
References

Related vulnerabilities

CVE-2024-23619CRITICAL9.8PL ✓ten sam produkt

Zakodowane na stałe dane uwierzytelniające w IBM Merge Healthcare eFilm Workstation

CVE-2024-23622CRITICAL10.0PL ✓ten sam produkt

Stack-based buffer overflow w IBM Merge Healthcare eFilm Workstation — RCE jako SYSTEM

CVE-2024-23620HIGH8.8ten sam produkt

An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation. A local, auth...

CVE-2022-47986CRITICAL9.8⚠ KEVten sam vendor

IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on t...

CVE-2020-4427CRITICAL9.8⚠ KEVten sam vendor

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass sec...