CRITICAL🇵🇱 Wersja polska

CVE-2024-23622

CVSS 10.0v3.1pub. 2024-01-26upd. 2024-11-21

A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution with SYSTEM privileges.

🤖 AI Analysis
How it works

The vulnerability consists of a stack-based buffer overflow in the eFilm Workstation license server component — specifically in the CopySLS_Request3 function. An attacker can send a specially crafted network request to the license server without requiring authentication, which leads to stack memory being overwritten. Successful exploitation of the vulnerability allows arbitrary code execution in the context of the server process running with SYSTEM privileges.

Impact

An attacker gains the ability to execute arbitrary code (RCE) with SYSTEM privileges on a vulnerable system, which means complete takeover of the host, including access to patient data and medical infrastructure.

Mitigation & patch

Patches available from the manufacturer should be applied in accordance with references. As a temporary workaround, it is recommended to restrict network access to the eFilm Workstation license server port only to trusted hosts using a firewall, until the official patch is deployed.

Who is affected

IBM Merge Healthcare eFilm Workstation — versions indicated in manufacturer references; the vulnerable component is the license server

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • IBM Merge Efilm Workstation

    APP
    Ibm
    ≤ 4.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEAuth BypassMemory
CWE
References

Related vulnerabilities

CVE-2024-23619CRITICAL9.8PL ✓ten sam produkt

Zakodowane na stałe dane uwierzytelniające w IBM Merge Healthcare eFilm Workstation

CVE-2024-23621CRITICAL10.0PL ✓ten sam produkt

Buffer overflow w serwerze licencji IBM Merge Healthcare eFilm Workstation — RCE

CVE-2024-23620HIGH8.8ten sam produkt

An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation. A local, auth...

CVE-2022-47986CRITICAL9.8⚠ KEVten sam vendor

IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on t...

CVE-2020-4427CRITICAL9.8⚠ KEVten sam vendor

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass sec...