Ethical hackers find critical vulnerability in IBM software

7 Jul 2023

Image: © jetcityimage/Stock.adobe.com

Silent Signal claims the exploit could be used by attackers to infiltrate corporate assets and block business-critical services.

A company providing hacking services has reported a vulnerability to IBM, which could give remote attackers the ability to execute commands on IBM products.

Silent Signal claims this remote code execution vulnerability could be used by attackers to infiltrate “sensitive corporate assets” and block business-critical services, including central servers, database servers, file servers and network drive servers.

The vulnerability affects products with “IBM i” versions 7.2, 7.3, 7.4 and 7.5. IBM has issued a security bulletin about the flaw and said it can be resolved by applying a Program Temporary Fix (PTX).

“IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products,” the company said in its bulletin.

Silent Signal also advised users of the affected products to prioritise regular scanning, vulnerability remediation and patching to keep their systems secure.

Zoltán Pánczél, the head of Silent Signal’s Security Lab, said the discovery of this vulnerability “necessitates a shift in paradigm” for security professionals and vendors, due to the fact IBM i systems “have been renowned for their inherent security”.

Pánczél also claimed the flaw enables attackers to execute a CL command “within a mere five seconds using a single IP address” and highlights the need for “further investigation into potential security concerns”.

“The vulnerability identified by our team allows unauthorised entry for attackers using workstation user credentials, potentially granting access to sensitive information,” Pánczél said. “This compromises critical business processes and leaves the network vulnerable to potential privilege escalation.”

Cyberattacks continue to be a growing concern worldwide, with attackers constantly finding ways to breach existing systems across multiple industries.

Earlier this week, Dublin Airport was revealed to be a victim of the Moveit cyberattack, which has rippled across both sides of the Atlantic.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Leigh Mc Gowran is a journalist with Silicon Republic

editorial@siliconrepublic.com