Multiple vulnerabilities in Aspera applications._CVE-2026-8175

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could be exploited to cause a denial of service and potentially lead to authentication bypass or remote code execution.

AI Analysis

Buffer overflow in the asperahttpd component, potentially leading to denial of service, authentication bypass, or remote code execution.

Basic Information

ID CVE-2026-8175

Source ibm

Published May 27, 2026 at 13:17

Affected Product

Vendor IBM

Product Aspera High-Speed Transfer Endpoint

Version 3.7.4

Affected Versions IBM Aspera High-Speed Transfer Endpoint 3.7.4
IBM Aspera High-Speed Transfer Server 3.7.4

CWE Classification

CWE-122

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor IBM

Product Aspera High-Speed Transfer Endpoint, Aspera High-Speed Transfer Server

Version 3.7.4 through 4.4.7 Fix Pack 1

References

www.ibm.com /support/pages/node/7273615

{
    "lastseen": "",
    "description": "IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could be exploited to cause a denial of service and potentially lead to authentication bypass or remote code execution.",
    "published": "2026-05-27T13:17:06.154Z",
    "modified": "2026-05-27T13:17:06.154Z",
    "type": "cve",
    "title": "Multiple vulnerabilities in Aspera applications.",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7273615",
    "id": "CVE-2026-8175",
    "bulletinFamily": "",
    "cwe": [
        "CWE-122"
    ],
    "cvelist": null,
    "sourceData": "IBM Aspera High-Speed Transfer Endpoint 3.7.4\nIBM Aspera High-Speed Transfer Server 3.7.4",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Aspera High-Speed Transfer Endpoint",
    "version": "3.7.4",
    "vendor": "IBM",
    "ai_description": "Buffer overflow in the asperahttpd component, potentially leading to denial of service, authentication bypass, or remote code execution.",
    "ai_severity": "Critical",
    "ai_vendor": "IBM",
    "ai_product": "Aspera High-Speed Transfer Endpoint, Aspera High-Speed Transfer Server",
    "ai_version": "3.7.4 through 4.4.7 Fix Pack 1",
    "ai_score": 9.8
}