CVE-2020-4724
Description
IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IBM i2 Analyst Notebook 9.2.0 and 9.2.1 memory corruption vulnerability allows local attackers to execute arbitrary code via specially crafted file.
Vulnerability
IBM i2 Analyst Notebook versions 9.2.0 and 9.2.1 are affected by a memory corruption vulnerability [1]. An attacker can exploit this by persuading a victim to open a specially crafted file.
Exploitation
The attacker needs local access and must convince the user to open a malicious file. No authentication is required, but user interaction is necessary. The exploit triggers memory corruption leading to arbitrary code execution.
Impact
Successful exploitation results in arbitrary code execution with the privileges of the user. This can lead to full compromise of the system, affecting confidentiality, integrity, and availability.
Mitigation
IBM has released a fix; see the security bulletin [1] for details. Users should upgrade to the latest version. No workarounds are mentioned.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <=9.2.1
- IBM/i2 Analyst Notebookv5Range: 9.2.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- exchange.xforce.ibmcloud.com/vulnerabilities/187874mitrevdb-entryx_refsource_XF
- www.ibm.com/support/pages/node/6356497mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.