CVE-2026-8179

EUVD-2026-32497
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could allow an authenticated user to execute arbitrary code on the system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 32%
Affected Products (NVD)
VendorProductVersion
ibmaspera_high-speed_transfer_endpoint
3.7.4 ≤
𝑥
≤ 4.4.6
ibmaspera_high-speed_transfer_endpoint
4.4.7
ibmaspera_high-speed_transfer_endpoint
4.4.7:fixpack1
ibmaspera_high-speed_transfer_server
3.7.4 ≤
𝑥
≤ 4.4.6
ibmaspera_high-speed_transfer_server
4.4.7
ibmaspera_high-speed_transfer_server
4.4.7:fixpack1
𝑥
= Vulnerable software versions