Cyber Posture

CVE-2024-56346

Critical

Published: 18 March 2025

Published
18 March 2025
Modified
25 July 2025
KEV Added
Patch
CVSS Score 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score 0.0033 56.0th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

Adversaries may abuse Unix shell commands and scripts for execution.

Security Summary

CVE-2024-56346 is a critical vulnerability affecting the nimesis NIM master service in IBM AIX 7.2 and 7.3. It arises from improper process controls (CWE-114), which could allow a remote attacker to execute arbitrary commands. Published on 2025-03-18, the flaw has a CVSS v3.1 base score of 10.0 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H), indicating maximum severity due to its network accessibility and potential for complete system compromise.

An unauthenticated attacker can exploit this vulnerability remotely over the network with low attack complexity and no user interaction required. Exploitation grants high impacts across confidentiality, integrity, and availability, enabling arbitrary command execution on the affected NIM master service and potentially leading to full control over the AIX system.

IBM has published an advisory with details on the vulnerability at https://www.ibm.com/support/pages/node/7186621.

Details

CWE(s)
CWE-114

Affected Products

ibm
aix
7.2, 7.3

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1059.004 Unix Shell Execution
Adversaries may abuse Unix shell commands and scripts for execution.
attack.mitre.org →
Why these techniques?

Vulnerability enables remote unauthenticated arbitrary command execution on a network-accessible service (NIM master), directly supporting exploitation of public-facing applications (T1190) and execution via Unix shell (T1059.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References