High Severity

Security Bulletin: Improper DLL loading vulnerability affecting Aspera Connect 3.9.9 and earlier

Share this post:

IBM Aspera Connect could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. By persuading a victim to open a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Aspera Connect 3.9.9 and earlier

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6326537

More stories

Security Bulletin: IBM MQ Appliance is affected by an OpenSSL vulnerability (CVE-2020-1971)

Mar 3, 2021 7:00 pm EST | High Severity

IBM MQ Appliance has resolved an OpenSSL vulnerability. ...read more


Security Bulletin: Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (CVE-2021-24122)

Mar 3, 2021 1:38 pm EST | High Severity

Multiple vulnerabilities in Open Source Apache Tomcat reported by The Apache Software Foundation affect IBM Tivoli Application Dependency Discovery Manager (TADDM) ...read more