CVE-2023-45166

Name of the Vulnerable Software and Affected Versions IBM AIX versions 7.2 through 7.3 VIOS version 3.1

Description The issue is related to insufficient input validation, which can be exploited by a non-privileged local user to obtain elevated privileges using the piodmgrsu command. This can lead to privilege escalation.

Recommendations For IBM AIX versions 7.2 through 7.3, consider disabling the piodmgrsu command until a patch is available to prevent exploitation. For VIOS version 3.1, restrict access to the piodmgrsu command to minimize the risk of exploitation. Note: The piobe command mentioned in another source is not confirmed as vulnerable in the higher-priority sources, so no recommendation is provided for it. At the moment, there is no information about a newer version that contains a fix for this vulnerability.