Skip to main content

Personal Communications

4 CVEs product

Monthly

CVE-2025-1095 HIGH This Week

IBM Personal Communications v14 and v15 include a Windows service that is vulnerable to local privilege escalation (LPE). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft IBM Privilege Escalation Personal Communications Windows
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2024-25029 CRITICAL Act Now

IBM Personal Communications 14.0.6 through 15.0.1 includes a Windows service that is vulnerable to remote code execution (RCE) and local privilege escalation (LPE). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Buffer Overflow Microsoft RCE Privilege Escalation +1
NVD
CVSS 3.1
10.0
EPSS
0.8%
CVE-2016-0321 MEDIUM This Month

IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Personal Communications
NVD
CVSS 3.0
6.2
EPSS
0.1%
CVE-2012-0201 CRITICAL POC THREAT Emergency

Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Personal Communications 5.9.x before 5.9.8 and 6.0.x before 6.0.4 might allow remote attackers to execute arbitrary code via a long. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 75.1%.

Buffer Overflow RCE IBM Personal Communications
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
75.1%
Threat
5.6
EPSS 0% CVSS 8.8
HIGH This Week

IBM Personal Communications v14 and v15 include a Windows service that is vulnerable to local privilege escalation (LPE). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft IBM Privilege Escalation +2
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

IBM Personal Communications 14.0.6 through 15.0.1 includes a Windows service that is vulnerable to remote code execution (RCE) and local privilege escalation (LPE). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Buffer Overflow Microsoft +3
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Personal Communications
NVD
EPSS 75% 5.6 CVSS 9.3
CRITICAL POC THREAT Emergency

Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Personal Communications 5.9.x before 5.9.8 and 6.0.x before 6.0.4 might allow remote attackers to execute arbitrary code via a long. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 75.1%.

Buffer Overflow RCE IBM +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy