A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution with SYSTEM privileges.
The vulnerability consists of a stack-based buffer overflow in the eFilm Workstation license server component — specifically in the CopySLS_Request3 function. An attacker can send a specially crafted network request to the license server without requiring authentication, which leads to stack memory being overwritten. Successful exploitation of the vulnerability allows arbitrary code execution in the context of the server process running with SYSTEM privileges.
An attacker gains the ability to execute arbitrary code (RCE) with SYSTEM privileges on a vulnerable system, which means complete takeover of the host, including access to patient data and medical infrastructure.
Patches available from the manufacturer should be applied in accordance with references. As a temporary workaround, it is recommended to restrict network access to the eFilm Workstation license server port only to trusted hosts using a firewall, until the official patch is deployed.
IBM Merge Healthcare eFilm Workstation — versions indicated in manufacturer references; the vulnerable component is the license server
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HIBM Merge Efilm Workstation
APPIbm≤ 4.2
Related vulnerabilities
Zakodowane na stałe dane uwierzytelniające w IBM Merge Healthcare eFilm Workstation
Buffer overflow w serwerze licencji IBM Merge Healthcare eFilm Workstation — RCE
An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation. A local, auth...
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on t...
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass sec...