securityonline.info 7/7/2026, 10:41:31 AM · external

IBM patches critical HMC flaw letting hackers run system commands

IBM patches critical HMC flaw letting hackers run system commands
CyberSIXT Evidence Panel
Primary Source ibm.com
CISA KEV Not in KEV
Patch Patch Status Unknown

IBM has disclosed a critical vulnerability (CVE-2026-12943) in its Power Hardware Management Console (HMC), rated CVSS 9.8. This vulnerability allows unauthenticated attackers to execute arbitrary OS commands due to improper input validation. Affected versions include HMC V10.3.1050.0 to V10.3.1064.0 and V11.1.1110.0 to V11.1.1112.0, posing significant risks to enterprise networks as the HMC manages critical system functionalities. No active exploitation has been reported as of yet. IBM recommends immediate patching to secure systems against potential attacks.

View Primary Source Via securityonline.info

Article by CyberSIXT