Platform: ibm
Component: verify-identity-access
Fixed in: 11.0.3, 10.0.10
CVE-2026-1342 describes a script execution vulnerability within IBM Verify Identity Access. This flaw allows a locally authenticated user to execute malicious scripts outside of their intended control sphere, potentially leading to unauthorized access and system compromise. The vulnerability impacts versions 10.0 through 11.0.2 of both the Container and non-Container deployments. IBM has released patches to address this issue.
Successful exploitation of CVE-2026-1342 could allow an attacker with local authentication to execute arbitrary code on the affected system. This could lead to a complete compromise of the IBM Verify Identity Access instance, enabling the attacker to steal sensitive user credentials, modify authentication policies, and potentially gain access to other systems within the network. The impact is particularly severe given that IBM Verify Identity Access is often used as a central authentication point, making it a prime target for attackers seeking to gain broader access to an organization's resources. The ability to execute arbitrary code effectively grants the attacker a root-level foothold, allowing for persistent access and lateral movement.
CVE-2026-1342 was publicly disclosed on April 7, 2026. The vulnerability's impact, combined with the potential for relatively easy exploitation by a locally authenticated user, suggests a medium probability of exploitation. As of this writing, there are no publicly available proof-of-concept exploits. It is not currently listed on CISA KEV. Monitor security advisories and threat intelligence feeds for any updates regarding active exploitation campaigns.
EPSS: 0.01% (3% percentile)
The primary mitigation for CVE-2026-1342 is to upgrade to a patched version of IBM Verify Identity Access. IBM has released fixes for all affected versions. If immediate patching is not possible, consider implementing stricter access controls to limit the privileges of locally authenticated users. Review and harden the configuration of IBM Verify Identity Access to minimize the attack surface. Monitor system logs for any suspicious activity, particularly related to script execution. While a WAF is unlikely to directly mitigate this vulnerability, it can help detect and block malicious requests attempting to exploit it.
Apply the security updates provided by IBM for IBM Verify Identity Access Container and IBM Security Verify Access Container to versions 11.0.3 or later and 10.0.10 or later, respectively. See the IBM support note (https://www.ibm.com/support/pages/node/7268253) for detailed instructions.
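The affected range (10.0 through 11.0.2) numerically contains the fixed release 10.0.10, so a single range test or a string comparison misclassifies hosts. The following is an added example, not IBM's or this page's code, that triages an inventory per release branch; the hostnames and versions are constructed, and how version strings are collected from each appliance or container is assumed to be handled elsewhere.

```python
import re

# Fixed release per branch, taken from the "Fixed in" values on this page.
FIXED = {(10, 0): (10, 0, 10), (11, 0): (11, 0, 3)}
LOWEST_AFFECTED = (10, 0, 0)   # page: "versions 10.0 through 11.0.2"
NEWEST_FIX = max(FIXED.values())


def parse_version(text):
    """Turn '10.0.9' or 'v11.0.2.0' into a 3-tuple of ints; None if unparseable."""
    m = re.match(r"\s*v?(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        return None
    return tuple(int(g or 0) for g in m.groups())


def classify(version_text):
    """Return 'affected', 'fixed', 'not-listed' or 'unknown' for one version."""
    v = parse_version(version_text)
    if v is None:
        return "unknown"
    if v < LOWEST_AFFECTED:
        return "not-listed"          # older than the range the page gives
    if v >= NEWEST_FIX:
        return "fixed"               # "11.0.3 or later"
    fixed = FIXED.get(v[:2])
    if fixed is None:
        return "unknown"             # branch the page does not mention; check the IBM bulletin
    # Integer tuples compare correctly: (10, 0, 9) < (10, 0, 10),
    # whereas the strings "10.0.9" > "10.0.10".
    return "fixed" if v >= fixed else "affected"


def triage(inventory):
    """Group hosts by status so the 'affected' list can feed a patch queue."""
    out = {}
    for host, version in inventory.items():
        out.setdefault(classify(version), []).append(host)
    return {status: sorted(hosts) for status, hosts in out.items()}


# Constructed sample inventory (hypothetical hostnames and versions).
SAMPLE = {"isva-prod-1": "10.0.9", "isva-prod-2": "10.0.10",
          "isva-dmz-1": "11.0.2", "isva-lab-1": "11.0.3", "isva-old": "n/a"}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status}: {', '.join(hosts)}")
```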
CVE-2026-1342 is a HIGH severity vulnerability allowing a locally authenticated user to execute malicious scripts in IBM Verify Identity Access versions 10.0-11.0.2, potentially leading to system compromise.
You are affected if you are using IBM Verify Identity Access versions 10.0 through 11.0.2, both Container and non-Container deployments. Check your version and upgrade immediately.
Upgrade to a patched version of IBM Verify Identity Access. Refer to the official IBM security advisory for specific version details and upgrade instructions.
As of now, there are no publicly known active exploitation campaigns, but the vulnerability's severity warrants immediate attention and mitigation.
Refer to the official IBM Security Bulletin for CVE-2026-1342 on the IBM Security Support website. Search for the CVE ID to find the relevant advisory.