CVE-2022-47986
IBM Aspera Faspex Code Execution Vulnerability
CVSS
—
No CVSS
EPSS
100.0%
p100
KEV
YES
Feb 21, 2023
Exploit Today
80
0-100
Published: — · Last modified: —
100.0%EPSS · 30 days100.0%
2026-06-302026-07-16
Product
IBM / Aspera Faspex
Vulnerability
IBM Aspera Faspex Code Execution Vulnerability
Added to KEV
Feb 21, 2023
Remediate by
Mar 14, 2023
Known ransomware use
Yes
Summary description
IBM Aspera Faspex could allow a remote attacker to execute code on the system, caused by a YAML deserialization flaw.
Required action
Apply updates per vendor instructions.
Notes
https://exchange.xforce.ibmcloud.com/vulnerabilities/243512?_ga=2.189195179.1800390251.1676559338-700333034.1676325890; https://nvd.nist.gov/vuln/detail/CVE-2022-47986
No related CVEs by CWE or product.