A vulnerability has been discovered in IBM’s terminal emulator — Personal Communications (PCOM).
This vulnerability (CVE-2024-25029) poses a serious risk as it could be exploited by threat actors for remote code execution (RCE) and local privilege escalation (LPE) allowing them to move laterally across victim systems with network access. It exists on PCOM versions v14.0.6 to 15.0.1.
Personal Communications is an IBM terminal emulation package developed for Windows systems, enabling access to critical business systems and host communication. It is a component of both the IBM Host Access Client Package and the IBM Rational Host Integration Solution.
IBM Releases Patched Versions of PCCOM Terminal
The vulnerability stems from the exploit of a Windows service in use by the software package which IBM has flagged as an “Improper Restriction of Operations within the Bounds of the Memory Buffer” (Buffer overflow) flaw. IBM has released a Security Bulletin (7147672), advisory, and client update to help users deal with the issue but has stated that its exploitability is not yet certain. There exist no known workarounds to the flaw.
IBM also released critical patches against vulnerabilities in its Instana Observability software last month (March 2024). IBM stated that the vulnerabilities in its Node.js package could potentially allow an attacker to execute arbitrary code on its system through server-side request forgery.
Another recent vulnerability (CVE-2023-37410) in the PCCOM package was reported in September 2023 which was caused due to Overly Permissive Access Controls / Improper Access Control and allowed for privilege escalation.
What is a Buffer Overflow Vulnerability?
A buffer overflow vulnerability occurs when a program uses a memory buffer for read/write operations, but it can read from or write to a memory location or addresses outside the intended boundaries or scope of the buffer.
An attacker can exploit such buffer overflows to execute their own arbitrary code or access sensitive information. Such flaws have wide potential for abuse and are often critical, IBM has rated the CVE-2024-25029 vulnerability with a CVSS base score of 9.
Businesses and enterprises relying on the PCCOM package are urged to upgrade to the patched versions of the PCOMM package linked in IBM’s Security Bulletin.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
