IBM AIX/VIOS and DataPower Gateway vulnerable to malware attacks

If attackers successfully exploit vulnerabilities in IBM AIX/VIOS and DataPower Gateway, malicious code can get onto systems and compromise them. Updates close the vulnerabilities.

To date, there have been no reports of attackers targeting the Unix operating system AIX or the security and integration platform DataPower Gateway. However, administrators should not wait too long to install the security patches.

Possible attacks

Because the Perl implementation in AIX/VIOS is faulty, attackers can exploit a vulnerability (CVE-2025-33112 "high"). The security problem is that path name inputs are not sufficiently sanitized, so that local attackers can use prepared inputs at this point. If such an attack succeeds, malicious code is executed. Afterwards, computers are usually considered fully compromised.

In a warning message about this vulnerability, the developers describe how to install the security update.

As can be seen from a post, the developers have closed countless security gaps in DataPower Gateway, the list of which goes beyond the scope of this message. They all affect the system's Linux kernel. The majority of the vulnerabilities are classified as "medium" threat level. Several vulnerabilities classified as "high" (e.g. CVE-2024-26704) allow malicious code to reach systems.

Security updates are available

The developers state that versions 10.6.1.0 up to and including 10.6.3.0 are threatened by the vulnerabilities. They assure that they have closed the gaps in version 10.6.4.0.

(des)