PT-2026-43987 · Ibm · Aspera High-Speed Transfer Endpoint+1
Yannik Marchand
·
Published
2026-05-27
·
Updated
2026-05-27
·
CVE-2026-8175
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM Aspera High-Speed Transfer Endpoint versions 3.7.4 through 4.4.7 Fix Pack 1
IBM Aspera High-Speed Transfer Server versions 3.7.4 through 4.4.7 Fix Pack 1
Description
A buffer overflow exists in the
asperahttpd component. This issue can be exploited to cause a denial of service and may potentially lead to authentication bypass or remote code execution.Recommendations
Update IBM Aspera High-Speed Transfer Endpoint to a version later than 4.4.7 Fix Pack 1.
Update IBM Aspera High-Speed Transfer Server to a version later than 4.4.7 Fix Pack 1.
Fix
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aspera High-Speed Transfer Endpoint
Aspera High-Speed Transfer Server