CVE-2020-4550

Name of the Vulnerable Software and Affected Versions IBM i2 Analyst Notebook versions 9.2.1 through 9.2.2

Description The issue is caused by a memory corruption, specifically a buffer overflow in dynamic memory, which could allow a local attacker to execute arbitrary code on the system. An attacker could exploit this by persuading a victim to open a specially-crafted file, thereby executing arbitrary code on the system.

Recommendations For versions 9.2.1 and 9.2.2, consider restricting access to files from untrusted sources to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.