High Severity

Security Bulletin: Improper DLL loading vulnerability affecting Aspera Connect 3.9.9 and earlier

Sep 8, 2020 8:00 pm EDT

Categorized: High Severity

Share this post:

IBM Aspera Connect could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. By persuading a victim to open a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Aspera Connect 3.9.9 and earlier

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6326537


Previous Post

Security Bulletin: Novalink is impacted by denial of service high vulnerability in WebSphere Application Server Liberty CVE-2019-4720

Next Post

Security Bulletin: Multiple Security Vulnerabilities Affect IBM WebSphere Application Server in IBM Cloud
More stories

Security Bulletin: Multiple vulnerabilities affect IBM Rational® Application Developer for WebSphere® Software

Mar 3, 2021 7:00 pm EST | High Severity

Node.js November 2020 Security Releases ...read more

Security Bulletin: IBM MQ Appliance is affected by an OpenSSL vulnerability (CVE-2020-1971)

Mar 3, 2021 7:00 pm EST | High Severity

IBM MQ Appliance has resolved an OpenSSL vulnerability. ...read more

Security Bulletin: Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (CVE-2021-24122)

Mar 3, 2021 1:38 pm EST | High Severity

Multiple vulnerabilities in Open Source Apache Tomcat reported by The Apache Software Foundation affect IBM Tivoli Application Dependency Discovery Manager (TADDM) ...read more