CVE-2024-55898
Published: 24 February 2025
Summary
CVE-2024-55898 is a high-severity Uncontrolled Search Path Element (CWE-427) vulnerability in Ibm I. Its CVSS base score is 8.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 32.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and CM-5 (Access Restrictions for Change).
Deeper analysis
CVE-2024-55898 is a privilege escalation vulnerability affecting IBM i versions 7.2, 7.3, 7.4, and 7.5, stemming from an unqualified library call (CWE-427). It enables a user with the ability to compile or restore a program to gain elevated privileges, allowing user-controlled code to execute with administrator-level access. The vulnerability carries a CVSS v3.1 base score of 8.5 (AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H), indicating high severity due to its potential for significant impact across confidentiality, integrity, and availability.
Exploitation requires low privileges (PR:L), specifically the capability to compile or restore programs, and can occur over the network (AV:N) without user interaction (UI:N), though it demands high attack complexity (AC:H). A malicious actor meeting these prerequisites can leverage the unqualified library call to execute arbitrary code with administrator privileges, achieving full system compromise including scope change (S:C).
IBM's security advisory, available at https://www.ibm.com/support/pages/node/7183835, provides details on the vulnerability, affected versions, and recommended mitigations, including patches for resolving the issue. Security practitioners should review this page for deployment instructions and verification steps.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-4388
Vulnerability details
IBM i 7.2, 7.3, 7.4, and 7.5 could allow a user with the capability to compile or restore a program to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with…
more
administrator privilege.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Direct privilege escalation via exploitation of uncontrolled search path (CWE-427) for malicious library loading.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly remediates the unqualified library call vulnerability by requiring timely patching of affected IBM i systems as per vendor advisory.
Enforces least privilege to deny unnecessary compile or restore capabilities to low-privileged users, blocking the prerequisite for exploitation.
Restricts access to program compilation and restoration processes to authorized roles, preventing malicious actors from leveraging these functions for privilege escalation.