High Severity

Security Bulletin: Improper DLL loading vulnerability affecting Aspera Connect 3.9.9 and earlier

Share this post:

IBM Aspera Connect could allow a local attacker to execute arbitrary code on the Windows system, caused by improper loading of Dynamic Link Libraries by the import feature. By persuading a victim to open a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Aspera Connect 3.9.9 and earlier

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6326537

More stories

Security Bulletin: WebSphere Application Server is vulnerable to an information exposure vulnerability (CVE-2020-4643)

Sep 24, 2020 8:00 pm EDT | High Severity

WebSphere Application Server is vulnerable to an information exposure vulnerability. This has been addressed. ...read more


Security Bulletin: Multiple vulnerabilities in Apache Struts affect Tivoli Netcool/OMNIbus WebGUI (CVE-2019-0233, CVE-2019-0230)

Sep 23, 2020 8:01 pm EDT | High Severity

Fix is available for vulnerabilities in Apache Struts affecting Tivoli Netcool/OMNIbus WebGUI (CVE-2019-0233, CVE-2019-0230). ...read more


Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management

Sep 23, 2020 8:00 pm EDT | High Severity

Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVE. ...read more