November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Advisory – CVE-2023-30438 – IBM PowerVM Vulnerability
May 18, 2023Rewterz Threat Advisory – CVE-2023-28076 – Dell CloudLink Vulnerability
May 18, 2023Rewterz Threat Advisory – CVE-2023-30438 – IBM PowerVM Vulnerability
May 18, 2023Rewterz Threat Advisory – CVE-2023-28076 – Dell CloudLink Vulnerability
May 18, 2023
Severity
High
Analysis Summary
CVE-2023-30438
An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of arbitrary code in other logical partitions on the same physical server.
Impact
- Gain Access
Indicators Of Compromise
CVE
- CVE-2023-25927
Affected Vendors
IBM
Affected Products
- IBM PowerVM Hypervisor FW950.00
- IBM PowerVM Hypervisor FW1010.00
- IBM PowerVM Hypervisor FW1020.00
- IBM PowerVM Hypervisor FW1030.10
- IBM PowerVM Hypervisor FW950.70
- IBM PowerVM Hypervisor FW1010.50
- IBM PowerVM Hypervisor FW1020.30
- IBM PowerVM Hypervisor FW1030.00
Remediation
Refer to the appropriate IBM Security Bulletin for patch, upgrade or suggested workaround information.