CVE-2026-3623
Status: Analyzed - Analysis Complete
Privilege Escalation in IBM Netezza Performance Server

Publication date: 2026-05-27

Last updated on: 2026-06-02

Assigner: IBM Corporation

Description
IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with low‑privileged access to escalate their privileges to root. By exploiting this flaw, the attacker can execute root‑level commands, obtain a root shell, and change the root user’s password. Successful exploitation also enables modification or removal of system‑wide files and the installation of persistent backdoors. This results in full system compromise with complete loss of confidentiality, integrity, and availability.
Meta Information
Published: 2026-05-27
Last Modified: 2026-06-02
Generated: 2026-06-16
AI Q&A: 2026-05-27
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
Vendor: ibm
Product: netezza_performance_server_replication_services
Version / Range: From 3.0.2.0 (inc) to 3.0.5.1 (exc)
CWE ID: CWE-250
Description: The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Executive Summary

CVE-2026-3623 is a vulnerability in IBM Netezza Performance Server Replication Services versions 3.0.2.0 through 3.0.5.0 that allows an attacker with low-privileged access to escalate their privileges to root.

By exploiting this flaw, the attacker can execute root-level commands, obtain a root shell, change the root user’s password, modify or remove system-wide files, and install persistent backdoors.

This leads to full system compromise with complete loss of confidentiality, integrity, and availability.

Impact Analysis

The vulnerability allows an attacker with low privileges to gain root access, meaning they can execute any command on the system with the highest level of permissions. With that access, the attacker can:

  • Execute root-level commands
  • Obtain a root shell
  • Change the root user’s password
  • Modify or remove system-wide files
  • Install persistent backdoors

All these actions result in full system compromise, causing a complete loss of confidentiality, integrity, and availability of the affected system.

Mitigation Strategies

To mitigate this vulnerability, users are advised to upgrade IBM Netezza Performance Server Replication Services to version 3.0.5.1, which contains the fix for this issue.

No workarounds are available, so applying the update is the only effective immediate step to prevent exploitation.

Compliance Impact

This vulnerability allows an attacker to escalate privileges to root, leading to full system compromise with complete loss of confidentiality, integrity, and availability.

Such a compromise can result in unauthorized access to sensitive data, modification or deletion of critical system files, and installation of persistent backdoors, which can severely impact compliance with standards and regulations like GDPR and HIPAA that require protection of data confidentiality and integrity.

Therefore, if exploited, this vulnerability could lead to violations of these regulations due to potential data breaches and loss of system integrity.
