CVE-2024-22318

MEDIUM

IBM i Access Client Solutions <1.1.2-1.1.4, <1.1.4.3-1.1.9.4 - Info...

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-22318. PoCs published by hyp3rlinx.

AI-analyzed exploit summary This advisory describes a vulnerability in IBM i Access Client Solutions where attackers can craft malicious .HOD or .WS files to trigger NTLM authentication to a hostile server, leading to credential theft. The exploit relies on social engineering to trick users into opening the file.

Description

IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server. If NTLM is enabled, the Windows operating system will try to authenticate using the current user's session. The hostile server could capture the NTLM hash information to obtain the user's credentials. IBM X-Force ID: 279091.

Exploits (1)

exploitdb WRITEUP

by hyp3rlinx · textremotewindows_x86-64

https://www.exploit-db.com/exploits/51817

View Code ZIP pw:eip

This advisory describes a vulnerability in IBM i Access Client Solutions where attackers can craft malicious .HOD or .WS files to trigger NTLM authentication to a hostile server, leading to credential theft. The exploit relies on social engineering to trick users into opening the file.

Classification

Writeup 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: IBM i Access Client Solutions (all versions)

No auth needed

Prerequisites: NTLM enabled on Windows · User interaction to open malicious file

MITRE ATT&CK

T1557 - Adversary-in-the-Middle T1187 - Forced Authentication

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry

http://packetstormsecurity.com/files/177069/IBM-i-Access-Client-Solutions-Remote-Credential-Theft.html

Mailing List, Third Party Advisory

http://seclists.org/fulldisclosure/2024/Feb/7

Vendor Advisory vendor-advisory

https://www.ibm.com/support/pages/node/7116091

VDB Entry vdb-entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/279091

Scores

CVSS v3 5.1

EPSS 0.0017

EPSS Percentile 37.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-327 CWE-384

Status published

Products (1)

ibm/i_access_client_solutions 1.1.2 - 1.1.4

Published Feb 09, 2024

Tracked Since Feb 18, 2026