IBM Aspera Faspex Vulnerability Exploited in Attacks

February 15, 2023

Organizations using IBM’s Aspera Faspex file transfer solution have been warned that a recently patched vulnerability, tracked as CVE-2022-47986, is being exploited in the wild. The security hole, classified as ‘high severity’, is a YAML deserialization flaw that can be exploited by a remote attacker for arbitrary code execution using specially crafted API calls. The issue was discovered by researchers at attack surface management firm Assetnote and reported to IBM in October 2022. Soon after, exploit code was made available and exploitation attempts were observed by threat hunters and the Shadowserver Foundation. A Shodan search shows more than 100 internet-exposed Aspera Faspex servers, mostly located in the United States and the United Kingdom. This is not the only enterprise file transfer solution targeted in attacks in recent weeks, as a vulnerability in the GoAnywhere managed file transfer (MFT) software has also been exploited. It is unclear how many of the attacks are malicious and what the threat actors are doing on compromised systems.

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.