Main Vulnerability Database Exploits ID:9079 - Exploit for OS Command Injection in IBM AIX and IBM VIOS - CVE-2023-28528

ID:9079 - Exploit for OS Command Injection in IBM AIX and IBM VIOS - CVE-2023-28528

Published: May 18, 2023

Vulnerability identifier: #VU75055

Vulnerability risk: Low

CVE-ID: CVE-2023-28528

CWE-ID: CWE-78

Exploitation vector: Local access

Vulnerable software:
IBM AIX
IBM VIOS

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/aix/local/invscout_rpm_priv_esc

Vulnerability description

The vulnerability allows a local user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the AIX invscout command. A local user and execute arbitrary OS commands on the target system.

Remediation

Install updates from vendor's website.

ID:9079 - Exploit for OS Command Injection in IBM AIX and IBM VIOS - CVE-2023-28528

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human