PT-2024-10276 · IBM · IBM Robotic Process Automation

Published

2024-10-28

·

Updated

2025-01-18

·

CVE-2024-51448

CVSS v2.0

6.8 Medium

Vector AV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

IBM Robotic Process Automation versions 21.0.0 through 21.0.7.17
IBM Robotic Process Automation versions 23.0.0 through 23.0.18
Description

The issue stems from incorrectly inherited file permissions and allows a local user to escalate privileges. Every file in the installation inherits the permissions of its parent directory, so a non-privileged user can replace the nssm.exe service binary with an arbitrary executable. On the next service or server restart, that substituted binary runs with administrator privileges.
Recommendations

For IBM Robotic Process Automation versions 21.0.0 through 21.0.7.17, consider updating to a version outside of this range to mitigate the risk.
For IBM Robotic Process Automation versions 23.0.0 through 23.0.18, consider updating to a version outside of this range to mitigate the risk.
As a temporary workaround, consider restricting access to the nssm.exe service to minimize the risk of exploitation.
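As an added example (not from the advisory and not IBM's own code), the following PowerShell audit locates services wrapped by nssm.exe and reports whether the binary, its parent directory, or any file under the install tree grants write rights to low-privilege principals, which is the condition the advisory describes; the install path in `$InstallRoot` is an assumed placeholder and must be pointed at the real installation directory.

```powershell
# Audit for weak, inherited ACLs on nssm.exe and the IBM RPA install tree. Run elevated.
# $InstallRoot is an assumed placeholder path, not a value from the advisory.
param([string]$InstallRoot = 'C:\Program Files\IBM\RPA')

# Rights that let a principal replace or modify a file (the precondition for the substitution).
$WriteRights = [System.Security.AccessControl.FileSystemRights]::Write -bor
               [System.Security.AccessControl.FileSystemRights]::Modify -bor
               [System.Security.AccessControl.FileSystemRights]::FullControl -bor
               [System.Security.AccessControl.FileSystemRights]::WriteData -bor
               [System.Security.AccessControl.FileSystemRights]::Delete

# Principals that must never be able to write to a binary a service runs as administrator.
$LowPrivPrincipals = @('BUILTIN\Users', 'Everyone',
                       'NT AUTHORITY\Authenticated Users', 'NT AUTHORITY\INTERACTIVE')

function Test-WritableByLowPriv {
    param([string]$Path)
    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($LowPrivPrincipals -notcontains $ace.IdentityReference.Value) { continue }
        if (($ace.FileSystemRights -band $WriteRights) -ne 0) {
            # Inherited = $true means the weak ACE came from the parent directory.
            [pscustomobject]@{ Path = $Path; Identity = $ace.IdentityReference.Value
                               Rights = $ace.FileSystemRights; Inherited = $ace.IsInherited }
        }
    }
}

# 1. Services whose image path points at nssm.exe: check the binary and its parent directory.
$nssmServices = Get-CimInstance Win32_Service | Where-Object { $_.PathName -match 'nssm\.exe' }
foreach ($svc in $nssmServices) {
    # Strip surrounding quotes and trailing arguments to recover the executable path.
    $exe = ($svc.PathName -replace '^"([^"]+)".*$', '$1') -replace '^(\S+\.exe).*$', '$1'
    Write-Host "Service $($svc.Name) runs $exe as $($svc.StartName)"
    Test-WritableByLowPriv -Path $exe
    Test-WritableByLowPriv -Path (Split-Path -Parent $exe)
}

# 2. Walk the install tree: every file inherits the parent ACL, so report each weak entry.
if (Test-Path -LiteralPath $InstallRoot) {
    Get-ChildItem -LiteralPath $InstallRoot -Recurse -Force |
        ForEach-Object { Test-WritableByLowPriv -Path $_.FullName }
}

# Workaround in the spirit of the advisory (apply per reported path, after review):
# icacls "<path>" /inheritance:d /remove:g "BUILTIN\Users" /grant:r "BUILTIN\Users:(RX)"
```

Any row with `Inherited = True` confirms the directory-inheritance pattern the advisory describes; an empty result means no listed low-privilege principal holds write rights on the checked paths.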

Fix

Weakness Enumeration

Incorrect Permission

Related Identifiers

BDU:2025-00682
CVE-2024-51448

Affected Products

IBM Robotic Process Automation