CVE-2026-2713

{"id": "CVE-2026-2713", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.4}]}, "published": "2026-03-10T20:16:39.930", "references": [{"url": "https://www.ibm.com/support/pages/node/7263031", "source": "psirt@us.ibm.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "psirt@us.ibm.com", "description": [{"lang": "en", "value": "CWE-427"}]}], "descriptions": [{"lang": "en", "value": "IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system."}, {"lang": "es", "value": "IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport podr\u00eda permitir a un atacante local ejecutar c\u00f3digo arbitrario en el sistema, causado por una vulnerabilidad de elemento de ruta de b\u00fasqueda no controlada de DLL. Al colocar un archivo especialmente dise\u00f1ado en una carpeta comprometida, un atacante podr\u00eda explotar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el sistema."}], "lastModified": "2026-03-11T13:52:47.683", "sourceIdentifier": "psirt@us.ibm.com"}