What is CVE-2018-1435?

CVE-2018-1435 is a high-severity vulnerability in Ibm Notes. CVSS score: 7.8/10. Published 2018-03-14.

How severe is CVE-2018-1435?

High severity. CVSS v3 base score is 7.8 out of 10.

Is CVE-2018-1435 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Ibm Notes

CVE-2018-1435

IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. A remote attacker could trick a user to double click a malicious executable in an attacker-controlled directory, which could result in code execution. IBM X-Force ID: 139563.

EPSS: 0.010 (77.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.0/A:H/AC:L/AV:L/C:H/I:H/PR:N/S:U/UI:R.

Affected products

Ibm Notes — versions 8.5.2, 8.5.1.5, 9.0.1

Public proof-of-concept exploits

References

ibm-notes-cve20181435-code-exec(139563) (vdb-entry, x_refsource_XF)
www.ibm.com/support/docview.wss (x_refsource_CONFIRM)
103404 (vdb-entry, x_refsource_BID)
1040563 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2018-1435?: CVE-2018-1435 is a high-severity vulnerability in Ibm Notes. CVSS score: 7.8/10. Published 2018-03-14.
How severe is CVE-2018-1435?: High severity. CVSS v3 base score is 7.8 out of 10.
Is CVE-2018-1435 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.