ManageEngine x Forrester | Workforce Identity Platforms Landscape Report

Recent AD News

IBM patches critical flaw that could allow remote attackers to execute code

IBM patched a critical buffer-flow error that affected its Integration Designer toolset. The error has the potential of being exploited to enable the execution of remote codes. The flaw (CVE-2020-27221) was critical in severity as it has a CVSS base score of 9.8 out of 10.

The critical flaw originated from an issue in versions 7 and 8 of Java Runtime Environment (JRE), which is a software layer used by the IBM Integration Designer toolset.

According to IBM’s Monday security advisory, “By sending an overly long string, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.” However, there are no further details on what other privileges an attacker would need in order to execute the attack.

Related posts
Recent AD News

Chinese hacker group 'Naikon' strikes again: Targets ASEAN nations

Recent AD News

Bumblebee: A new malware loader on the prowl

Recent AD News

FBI issues alert: A lethal ransomware that breached 60 companies

Recent AD News

Israel's Pegasus spyware finds a new target

×

There are over 8,500 people who are getting towards perfection in Active Directory, IT Management & Cyber security through our insights from Identitude.

Wanna be a part of our bimonthly curation of IAM knowledge?

  • -Select-
  • By clicking 'Become an insider', you agree to processing of personal data according to the Privacy Policy.