IBM Aspera Faspex Code Execution Vulnerability

Released: Mar 01, 2023

Updated: Mar 19, 2023


Severity: High

Vendor: IBM

Type: Vulnerability


File transfer software exploited in the wild

IBM Aspera Faspex could allow a remote attacker to execute code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system.
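As an added illustration of the bug class named above (not IBM's code or its fix), the sketch below shows how a handler can restrict request-supplied YAML to plain data so that sender-chosen object tags are refused. It assumes a Ruby 2.6+ service using the standard Psych library; `parse_untrusted_yaml` and the sample documents are hypothetical and constructed for this example.

```ruby
require "yaml"

# Constructed sample bodies, as an API endpoint might receive them.
PLAIN_DOC  = "package:\n  title: Q1 report\n  recipients:\n    - alice@example.com\n"
# A benign object tag: it asks the parser to build a Ruby object of a
# class named by the sender, which is the core of a deserialization flaw.
TAGGED_DOC = "--- !ruby/object:OpenStruct\ntable:\n  title: Q1 report\n"
# Aliases are refused too, since they let one node be expanded many times.
ALIAS_DOC  = "a: &x [1, 2]\nb: *x\n"

# Parse untrusted YAML into plain data only (Hash, Array, String,
# numbers, booleans, nil). Returns [data, nil] or [nil, reason].
def parse_untrusted_yaml(text)
  data = YAML.safe_load(text, permitted_classes: [], permitted_symbols: [], aliases: false)
  return [nil, "top-level value is not a mapping"] unless data.is_a?(Hash)
  [data, nil]
rescue Psych::DisallowedClass
  # Raised before the named class is ever resolved or instantiated.
  [nil, "object tag rejected"]
rescue Psych::BadAlias
  [nil, "alias rejected"]
rescue Psych::SyntaxError
  [nil, "malformed YAML"]
end

if __FILE__ == $PROGRAM_NAME
  { plain: PLAIN_DOC, tagged: TAGGED_DOC, alias: ALIAS_DOC }.each do |name, doc|
    data, reason = parse_untrusted_yaml(doc)
    puts "#{name}: #{reason ? "REJECTED (#{reason})" : data.inspect}"
  end
end
```

Logging the rejection reason alongside the request path gives defenders a signal when a client submits tagged YAML to an endpoint that should only ever see plain data.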

Common Vulnerabilities and Exposures

CVE-2022-47986

Background

IBM Aspera Faspex is a centralized transfer solution that enables users to exchange files with each other using an email-like workflow. In recent weeks, attackers have been targeting enterprise file transfer solutions. A vulnerability in another file transfer product, GoAnywhere managed file transfer (MFT), was also seen being targeted by attackers. To read the full outbreak report, go to https://www.fortiguard.com/outbreak-alert/goanywhere-mft-rce

Latest Development

Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.


January 18, 2023: IBM issued a patch: https://www.ibm.com/docs/en/aspera-faspex/4.4?topic=notes-release-aspera-faspex-442


February 21, 2023: CISA added the bug, CVE-2022-47986, to its catalog of known exploited vulnerabilities.

April 19, 2023: An Iranian nation-state actor was observed exploiting CVE-2022-47986 for initial access.
https://www.microsoft.com/en-us/security/blog/2023/04/18/nation-state-threat-actor-mint-sandstorm-refines-tradecraft-to-attack-high-value-targets/

FortiGuard Labs recommends that users update the vulnerable version of IBM Aspera Faspex and apply the latest patch released by the vendor as soon as possible.

FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.


PROTECT
  • Lure

  • Decoy VM

  • Vulnerability

  • IPS

  • Web App Security

DETECT
  • Outbreak Detection

  • Threat Hunting

  • Content Update

RESPOND
  • Assisted Response Services

  • Automated Response

RECOVER
  • InfoSec Services

IDENTIFY
  • Attack Surface Monitoring (Inside & Outside)

Threat Intelligence

Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.

