A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution.
The vulnerability results from incorrect buffer size calculation (CWE-131) and lack of proper boundary verification when copying data to the buffer (CWE-120 — classic buffer overflow). An attacker can send a specially crafted network request to the license server without the need for authentication, causing buffer overflow. This results in the possibility of taking control over the program execution flow and executing arbitrary code in the context of the license server process.
A remote, unauthenticated attacker can gain full control over the system by executing arbitrary code (RCE), which potentially leads to violation of confidentiality, integrity, and availability of the system and data.
Patches available from the vendor should be applied in accordance with the references. Additionally, it is recommended to restrict network access to the license server exclusively to trusted hosts using a firewall and to monitor network traffic directed to this component.
IBM Merge Healthcare eFilm Workstation — specific versions indicated in vendor references and Exodus Intel publication
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HIBM Merge Efilm Workstation
APPIbm≤ 4.2
Related vulnerabilities
Zakodowane na stałe dane uwierzytelniające w IBM Merge Healthcare eFilm Workstation
Stack-based buffer overflow w IBM Merge Healthcare eFilm Workstation — RCE jako SYSTEM
An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation. A local, auth...
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on t...
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass sec...