Primary

Context

IBM i Privilege Escalation Vulnerability in OS Command

Vulnerability

A privilege escalation vulnerability has been identified in IBM i version 7.6. The issue arises from incorrect profile swapping in an operating system command, allowing a malicious actor to elevate privileges and gain root access to the host.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation, enabling a user to gain root access on the system.

Remediation

Users can apply the PTF number SJ04908 to address this vulnerability. This PTF is available through the IBM i Fix Central.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

3.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

3.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM i Privilege Escalation Vulnerability in OS Command

Vulnerability

Impact

Remediation

Affected Products

IBM i

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating