Zero-Day Advisory
Fortinet Discovers IBM SPSS Modeler DLL Pre-Loading Vulnerability
Summary
Fortinet's FortiGuard Labs has discovered an insecure DLL loading vulnerability in IBM SPSS Modeler.
IBM SPSS Modeler is an intuitive, drag-and-drop data science tool. It is used to build predictive models and conduct other analytic tasks.
IBM SPSS Modeler is susceptible to an insecure DLL loading vulnerability. When the application loads a DLL for execution, it generally follows a specific search path to locate the file. The issue occurs when an attacker provides a malicious DLL that the application uses instead of the intended one. The vulnerability can be exploited by a simple file write, which results in a foreign DLL running in the context of the application.
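A defender-side audit of the search-path behaviour described above, as an added example (not code from Fortinet or IBM): it walks a DLL search order and reports the directories where a file write by a low-privileged user would change which DLL is loaded. The directory layout, the DLL names and the simplified search order (application directory, system directory, current directory, PATH entry) are assumptions constructed for illustration, not details of IBM SPSS Modeler.

```python
import os
import tempfile

def resolve_dll(search_order, dll_name):
    """Return the first directory in the search order holding dll_name, or None."""
    for d in search_order:
        try:
            names = os.listdir(d)
        except OSError:
            continue  # missing or unreadable directories contribute nothing
        if dll_name.lower() in (n.lower() for n in names):  # Windows names are case-insensitive
            return d
    return None

def preload_risks(search_order, dll_name, is_writable):
    """List directories where a low-privileged write changes which DLL gets loaded."""
    resolved = resolve_dll(search_order, dll_name)
    risks = []
    for d in search_order:
        if is_writable(d):
            # "replace": the legitimate copy can be overwritten in place
            # "plant": a copy dropped here is found before the legitimate one
            risks.append(("replace" if d == resolved else "plant", d))
        if d == resolved:
            break  # directories after the hit are never consulted
    return resolved, risks

def demo():
    """Run the audit over a constructed directory tree (hypothetical names)."""
    with tempfile.TemporaryDirectory() as root:
        dirs = {n: os.path.join(root, n) for n in ("app", "system32", "cwd", "vendor")}
        for d in dirs.values():
            os.mkdir(d)
        open(os.path.join(dirs["app"], "core.dll"), "w").close()
        open(os.path.join(dirs["vendor"], "Helper.DLL"), "w").close()
        order = [dirs[n] for n in ("app", "system32", "cwd", "vendor")]
        writable = {dirs["cwd"]}  # assumption: stand-in for the result of a real ACL review
        out = {}
        for name in ("core.dll", "helper.dll", "missing.dll"):
            resolved, risks = preload_risks(order, name, writable.__contains__)
            out[name] = (resolved and os.path.basename(resolved),
                         [(kind, os.path.basename(d)) for kind, d in risks])
        return out

if __name__ == "__main__":
    for dll, finding in demo().items():
        print(dll, finding)
```

A DLL that resolves from the application directory produces no finding, while one that resolves late in the order, or not at all, is exposed through any writable directory searched before it.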
Solutions
Users should apply the solution provided by IBM.
Timeline
Fortinet reported the vulnerability to IBM on November 14, 2019.
IBM confirmed the vulnerability on December 18, 2019.
Acknowledgement
This vulnerability was discovered by Honggang Ren of Fortinet's FortiGuard Labs.