Cyber Posture

CVE-2024-41783

Critical · RCE

Published: 19 January 2025
Modified: 25 July 2025
KEV Added: not listed
Patch: not recorded
CVSS Score: 9.1 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
EPSS Score: 0.0026 (48.9th percentile)
Risk Priority: 18 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-41783 is a critical-severity Command Injection (CWE-77) vulnerability in IBM Sterling Secure Proxy. Its CVSS base score is 9.1 (Critical).

Operationally, its EPSS score ranks it at the 48.9th percentile for exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) [AI]

SI-10 Information Input Validation (prevent): Directly addresses the improper input validation that enables command injection by requiring validation of specified inputs before processing.

SI-2 Flaw Remediation (prevent): Mandates timely remediation of the specific command injection flaw in IBM Sterling Secure Proxy through patching and testing.

Least privilege (prevent): Enforces least privilege to limit the damage potential from high-privileged users exploiting the vulnerability.

NVD Description

IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow a privileged user to inject commands into the underlying operating system due to improper validation of a specified type of input.

Deeper analysis [AI]

CVE-2024-41783 is a command injection vulnerability (CWE-77) in IBM Sterling Secure Proxy versions 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0. The flaw stems from improper validation of a specified type of input, enabling a privileged user to inject commands into the underlying operating system. It carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H), indicating critical severity due to its network accessibility and potential for severe impacts.

A high-privileged user (PR:H) can exploit the vulnerability remotely over the network (AV:N) with low complexity (AC:L) and without requiring user interaction (UI:N). Successful exploitation allows the attacker to achieve high confidentiality, integrity, and availability impacts (C:H/I:H/A:H) across a changed scope (S:C), potentially resulting in arbitrary command execution on the host operating system.

IBM has published a security bulletin detailing the vulnerability and recommended mitigations at https://www.ibm.com/support/pages/node/7176189. Security practitioners should consult this advisory for patch information and remediation steps specific to affected versions.

Details

CWE(s): CWE-77 (Command Injection)

Affected Products

IBM Sterling Secure Proxy: 6.1.0.0, 6.2.0.0 · 6.0.0.0 to 6.0.3.1

CVEs Like This One

CVE-2024-38337 (same product: IBM AIX)
CVE-2025-36258 (same product: IBM AIX)
CVE-2025-13855 (same product: IBM AIX)
CVE-2024-7577 (same product: IBM AIX)
CVE-2025-14974 (same product: IBM AIX)
CVE-2024-52363 (same product: IBM AIX)
CVE-2024-51459 (same product: IBM AIX)
CVE-2026-35558 (same product: Linux Kernel)
CVE-2024-49779 (same product: Linux Kernel)
CVE-2024-49781 (same product: Linux Kernel)
