Skip to main content

IBM i Access Client Solutions EUVDEUVD-2026-33730

| CVE-2026-7770 HIGH
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74)
2026-06-01 ibm GHSA-rm3f-295w-c3mc
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
Analysis Generated
Jun 01, 2026 - 19:21 vuln.today

DescriptionCVE.org

IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions (ACS) is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator.

AnalysisAI

Remote code execution in IBM i Access Client Solutions (ACS) versions 1.1.5.0 through 1.1.9.12 allows authenticated attackers to execute arbitrary code on systems where ACS is configured to listen for requests from IBM i Navigator. The flaw, rated CVSS 8.8 with high impact across confidentiality, integrity, and availability, requires low privileges and no user interaction, making it a serious threat in enterprise IBM i environments. There is no public exploit identified at time of analysis and the CVE is not currently in CISA KEV.

Technical ContextAI

IBM i Access Client Solutions is a Java-based client suite that connects Windows, macOS, and Linux workstations to IBM i (formerly AS/400/iSeries) servers, providing 5250 emulation, data transfer, and console functions. When ACS is configured to receive requests from IBM i Navigator (the web-based system management console for IBM i), it exposes a listener that processes incoming commands. The vulnerability falls under CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component, i.e., Injection), indicating that input arriving via this Navigator listener channel is not properly sanitized before being interpreted by a downstream execution component, enabling code injection. The affected CPE is cpe:2.3:a:ibm:i_access_family covering ACS versions 1.1.5.0 through 1.1.9.12.

RemediationAI

Apply the patch available per IBM vendor advisory at https://www.ibm.com/support/pages/node/7274214; the exact fixed version should be taken from that bulletin as the input data confirms a patch is available but does not specify the version string. As an interim compensating control, disable the ACS-side listener for IBM i Navigator requests on any client where it is not actively required, accepting the trade-off that Navigator-initiated workflows (remote command/console functions routed through ACS) will stop working until reconfigured. Where the listener must remain enabled, restrict network reachability to the ACS listener port by host-based firewall rules or network ACLs so that only known IBM i Navigator servers can connect, reducing the attack surface to trusted segments. Inventory all workstations running ACS 1.1.5.0 through 1.1.9.12 and prioritize patching administrator and operator endpoints first, since those are the ones most likely to have the Navigator listener configured.

Share

EUVD-2026-33730 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy