February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – World Cup Phishing Email Campaigns Spike In Arab Countries – Active IOCs
November 23, 2022Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs
November 23, 2022Rewterz Threat Alert – World Cup Phishing Email Campaigns Spike In Arab Countries – Active IOCs
November 23, 2022Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs
November 23, 2022
Severity
High
Analysis Summary
CVE-2022-40746
IBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
Code Execution
Indicators Of Compromise
CVE
- CVE-2022-40746
Affected Vendors
IBM
Affected Products
- IBM i Access Client Solutions 1.1.2
- IBM i Access Client Solutions 1.1.4
- IBM i Access Client Solutions 1.1.4.3
- IBM i Access Client Solutions 1.1.9.0
Remediation
Refer to IBM Security Bulletin for patch, upgrade or suggested workaround information.