Freely subscribe to our NEWSLETTER

The time has come to proactively securing IBM i Systems
“It is time to prioritize proactively securing IBM i (formerly known as AS/400) infrastructures. This necessitates a shift in paradigm for both security professionals and vendors, as IBM i Systems have been renowned for their inherent security. The recently discovered exploit in the DDM architecture, which enables attackers to execute a CL command as QUSER within a mere 5 seconds using a single IP address, highlights the need for further investigation into potential security concerns in IBM i Systems. The vulnerability identified by our team allows unauthorized entry for attackers using workstation user credentials, potentially granting access to sensitive information. This compromises critical business processes and leaves the network vulnerable to potential privilege escalation” – Zoltán Pánczél, co-founder and Head of Silent Signal Security Lab at Silent Signal, explained.

Discovery and exploitation of the legendary IBM i System
Read the detailed technical description in Silent Signal’s ethical hacking blog and learn how they discovered and exploited the unauthenticated RCE in IBM i DDM Service.
Affected product(s) and version(s) are IBM i 7.2, IBM i 7.3, IBM i 7.4 and IBM i 7.5 users.
Recommended actions for affected users are provided in IBM’s latest Security Bulletin CVE-2023-30990.

IBM i users are strongly advised to prioritize regular scanning, vulnerability remediation, and patching to ensure the security of their systems.