High Severity

Security Bulletin: Improper DLL loading vulnerability affecting Aspera Connect 3.9.9 and earlier

Share this post:

IBM Aspera Connect could allow a local attacker to execute arbitrary code on the Windows system, caused by improper loading of Dynamic Link Libraries by the import feature. By persuading a victim to open a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Aspera Connect 3.9.9 and earlier

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6326537

More stories