CVE-2020-4551

Vulnerability

A memory corruption vulnerability exists in IBM i2 Analyst Notebook versions 9.2.1 and 9.2.2. The issue is triggered when a user opens a specially-crafted file using the application. No specific authentication or special privileges are required for the code path to be reachable, as the file can be delivered via social engineering.

Exploitation

An attacker must first craft a malicious file that exploits the memory corruption. The attacker then persuades a victim to open this file using a vulnerable version of the software (9.2.1 or 9.2.2). No network access or prior authentication is needed; the attack vector is local, requiring user interaction. Once the file is opened, the corruption leads to arbitrary code execution.

Impact

Successful exploitation grants the attacker the ability to execute arbitrary code on the victim's system. This results in a full compromise of confidentiality, integrity, and availability (CIA) equivalent to the user's privileges. The attacker can potentially install malware, modify or delete data, or create new accounts with full user rights.

Mitigation

IBM has released a fix as part of their security bulletin [1]. Users should upgrade to the latest patched version of IBM i2 Analyst Notebook to remediate this vulnerability. As of the advisory, no workarounds are provided; applying the update is the recommended action.