CVE-2026-1342
Published: 08 April 2026
Summary
CVE-2026-1342 is a high-severity Inclusion of Functionality from Untrusted Control Sphere (CWE-829) vulnerability in IBM Security Verify Access. Its CVSS base score is 8.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter (T1059). It ranks at the 4.2 percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-35 (External Malicious Code Identification) and SI-10 (Information Input Validation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Directly mitigates CVE-2026-1342 by requiring timely application of IBM-provided patches that fix the vulnerability enabling execution of untrusted scripts.
- SC-35 (External Malicious Code Identification): identifies malicious code from external sources outside the control sphere, preventing or blocking execution of untrusted scripts by locally authenticated users.
- SI-10 (Information Input Validation): validates information inputs to the system, addressing CWE-829 by ensuring untrusted external scripts are not processed or executed.
MITRE ATT&CK Enterprise Techniques
- Command and Scripting Interpreter (T1059)
Why these techniques?
The vulnerability directly enables execution of externally sourced malicious scripts by a local user via inclusion of untrusted functionality (CWE-829).
NVD Description
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow a locally authenticated user to execute malicious scripts from outside of its control sphere.
Deeper analysis
CVE-2026-1342, published on 2026-04-08, is a vulnerability in IBM Verify Identity Access Container versions 11.0 through 11.0.2, IBM Security Verify Access Container versions 10.0 through 10.0.9.1, IBM Verify Identity Access versions 11.0 through 11.0.2, and IBM Security Verify Access versions 10.0 through 10.0.9.1. It enables a locally authenticated user to execute malicious scripts from outside of the product's control sphere, corresponding to CWE-829 (Inclusion of Functionality from Untrusted Control Sphere). The vulnerability carries a CVSS v3.1 base score of 8.5 (AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L), indicating high severity due to its potential for significant confidentiality impact with a scope change.
A locally authenticated user can exploit this flaw with low complexity and no special privileges beyond local authentication, without requiring user interaction. Successful exploitation allows execution of malicious scripts sourced externally, resulting in high-impact confidentiality loss (such as unauthorized access to sensitive data), low-impact integrity and availability disruptions, and an expanded scope of compromise.
IBM provides details on mitigation and patches in its security advisory at https://www.ibm.com/support/pages/node/7268253. Security practitioners should consult this reference for version-specific remediation guidance.
Details
- CWE(s)