Primary

Context

IBM Aspera High-Speed Transfer Products Buffer Overflow Vulnerability in asperahttpd Component

Vulnerability

Patched

A buffer overflow vulnerability has been identified in the asperahttpd component of IBM Aspera High-Speed Transfer Endpoint and IBM Aspera High-Speed Transfer Server, both versions 3.7.4 prior to 4.4.7 Fix Pack 1. This vulnerability could be exploited to cause a denial of service and potentially lead to authentication bypass or remote code execution.

Impact

Exploitation of this vulnerability could result in a denial of service, authentication bypass, or remote code execution.

Remediation

Users can upgrade to IBM Aspera High-Speed Transfer Server or Endpoint version 4.4.7 Fix Pack 2. Instructions for downloading this version are available on the IBM Support Fix Central website.

Added: May 28, 2026, 5:07 AM

Updated: May 28, 2026, 5:07 AM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

7.5

exploitability

7.0

remediation

7.7

relevance

9.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

7.5

exploitability

7.0

remediation

7.7

relevance

9.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Aspera High-Speed Transfer Products Buffer Overflow Vulnerability in asperahttpd Component

Vulnerability

Impact

Remediation

Affected Products

IBM Aspera High-Speed Transfer Endpoint

IBM Aspera High-Speed Transfer Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating