CVE-2015-2023

HIGH

IBM i Access 7.1 - Local Privilege Escalation via Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-2023. PoCs published by hyp3rlinx.

AI-analyzed exploit summary The exploit demonstrates a stack-based buffer overflow in IBM i Access for Windows, leading to arbitrary code execution via direct EIP overwrite or SEH overwrite. It includes three Python scripts targeting different components (ftdwprt.exe, ftdwinvw.exe, PCSWS.exe) with shellcode to spawn calc.exe.

Description

Buffer overflow in IBM i Access 7.1 on Windows allows local users to gain privileges via unspecified vectors.

Exploits (1)

exploitdb WORKING POC
by hyp3rlinx · textlocalwindows
https://www.exploit-db.com/exploits/38751

The exploit demonstrates a stack-based buffer overflow in IBM i Access for Windows, leading to arbitrary code execution via direct EIP overwrite or SEH overwrite. It includes three Python scripts targeting different components (ftdwprt.exe, ftdwinvw.exe, PCSWS.exe) with shellcode to spawn calc.exe.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: IBM i Access for Windows Release 7.1
No auth needed
Prerequisites: IBM i Access for Windows installed · Local or remote access to the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/38751/
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1SI57907

Scores

CVSS v3 8.8
EPSS 0.0154
EPSS Percentile 71.6%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (1)
ibm/i_access 7.1
Published Jan 02, 2016
Tracked Since Feb 18, 2026