IBM Netezza PS 3.0.2-3.0.5 PrivEsc via Replication Services
CVE-2026-3623 Published on May 27, 2026
Vulnerability exists in IBM Netezza Performance Server Replication Services
IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with low-privileged access to escalate their privileges to root. By exploiting this flaw, the attacker can execute root-level commands, obtain a root shell, and change the root user's password. Successful exploitation also enables modification or removal of system-wide files and the installation of persistent backdoors. This results in full system compromise with complete loss of confidentiality, integrity, and availability.
Vulnerability Analysis
CVE-2026-3623 can be exploited with local system access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
Execution with Unnecessary Privileges
The software performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Products Associated with CVE-2026-3623
Affected Versions
IBM Netezza Performance Server Replication Services: versions 3.0.2.0 through 3.0.5.0 are affected.