![Apple Reorganizes Executive Team to Rescue Siri [Report]](https://www.iclarified.com/images/news/96777/96777/96777-640.jpg)
![[The AI Show Episode 139]: The Government Knows AGI Is Coming, Superintelligence Strategy, OpenAI’s $20,000 Per Month Agents & Top 100 Gen AI Apps](https://www.marketingaiinstitute.com/hubfs/ep%20139%20cover-2.png)
![[The AI Show Episode 138]: Introducing GPT-4.5, Claude 3.7 Sonnet, Alexa+, Deep Research Now in ChatGPT Plus & How AI Is Disrupting Writing](https://www.marketingaiinstitute.com/hubfs/ep%20138%20cover.png)
![What are good examples of 'preflight check patterns' on existing applications? [closed]](https://i.sstatic.net/yl2Tr80w.png)
![Release: Rendering Ranger: R² [Rewind]](https://images-3.gog-statics.com/48a9164e1467b7da3bb4ce148b93c2f92cac99bdaa9f96b00268427e797fc455.jpg)
IBM AIX Vulnerability Let Attackers Execute Arbitrary Commands
Critical security vulnerabilities in IBM AIX operating systems could allow unauthorized remote attackers to execute arbitrary commands, potentially compromising the entire system. IBM has released security patches to address these high-severity flaws affecting multiple Unix-based operating system versions. Security researchers have identified two serious vulnerabilities in IBM AIX systems that pose significant threats to enterprise environments. […] The post IBM AIX Vulnerability Let Attackers Execute Arbitrary Commands appeared first on Cyber Security News.
Critical security vulnerabilities in IBM AIX operating systems could allow unauthorized remote attackers to execute arbitrary commands, potentially compromising the entire system.
IBM has released security patches to address these high-severity flaws affecting multiple Unix-based operating system versions.
Security researchers have identified two serious vulnerabilities in IBM AIX systems that pose significant threats to enterprise environments.
The vulnerabilities tracked as CVE-2024-56346 and CVE-2024-56347 both relate to improper process controls in AIX Network Installation Management (NIM) services.
This vulnerability affects the nimesis Network Installation Management (NIM) master service in IBM AIX. It has been assigned the highest possible CVSS Base score of 10.0, indicating critical severity.
Vulnerability Allows Command Execution
This flaw could allow remote attackers to execute arbitrary commands on affected systems without requiring any authentication or user interaction.
The second vulnerability (CVE-2024-56347) impacts the AIX nimsh service SSL/TLS protection mechanisms and has been assigned a CVSS Base score of 9.6.
This vulnerability also enables remote attackers to execute arbitrary commands, though it requires some user interaction. Both vulnerabilities stem from CWE-114 (Process Control) weaknesses in the implementation of these services.
Given that AIX is often used in critical applications across finance, banking, healthcare, and telecommunications sectors, successful exploitation could have wide-ranging consequences.
Additionally, these vulnerabilities are particularly concerning due to their high CVSS scores. If left unpatched, attackers could gain unauthorized access to critical AIX systems, potentially leading to data theft, service disruption, or lateral movement within networks.
The vulnerabilities were reported to IBM by Oneconsult AG, specifically security researcher Jan Alsenz.
The summary of the vulnerabilities is given below:
Risk Factors CVE-2024-56346 CVE-2024-56347 Affected Products IBM AIX 7.2, 7.3 (including VIOS) IBM AIX 7.2, 7.3 (including VIOS) Impact Remote execution of arbitrary commands Remote execution of arbitrary commands Exploit Prerequisites No authentication or user interaction required) No authentication or user interaction is required) CVSS 3.1 Score 10.0 (Critical) 9.6 (Critical)
Affected Systems and Scope
The security flaws affect IBM AIX versions 7.2 and 7.3, including systems running on Virtual I/O Server (VIOS) environments. Specific affected filesets include:
- bos.sysmgt.nim.client
- bos.sysmgt.nim.master
- bos.sysmgt.sysbr
Organizations can determine if their systems are vulnerable by checking the installed filesets using the AIX command: lslpp -L | grep -i bos.sysmgt.nim.client.
IBM has addressed these vulnerabilities by releasing patches for affected systems. The company has assigned specific APARs (Authorized Program Analysis Reports) to track the fixes:
- For AIX 7.2.5: APAR IJ53757 (SP10)
- For AIX 7.3.1: APAR IJ53929
- For AIX 7.3.2: APAR IJ53923 (SP04)
- For AIX 7.3.3: APAR IJ53792 (SP01)
Security patches are available for download from IBM’s security fix portal. The company has provided interim fixes for both NIM clients and NIM masters across various AIX technology levels.
System administrators can verify the integrity of downloaded fixes using the provided SHA-256 checksums or OpenSSL signatures. IBM recommends creating a mksysb backup of systems before applying patches.
IBM strongly recommends that all affected organizations apply security updates immediately to mitigate the risk of potential attacks targeting these vulnerabilities.
Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free
The post IBM AIX Vulnerability Let Attackers Execute Arbitrary Commands appeared first on Cyber Security News.
