Memory Corruption Vulnerability in IBM i2 Analyst Notebook 9.2.0 and 9.2.1 Allows for Arbitrary Code Execution

Memory Corruption Vulnerability in IBM i2 Analyst Notebook 9.2.0 and 9.2.1 Allows for Arbitrary Code Execution

CVE-2020-4724 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Learn more about our Web Application Penetration Testing UK.