CVE-2026-0977 is a vulnerability identified in IBM CICS Transaction Gateway for Multiplatforms versions 9.3 and 10.1. The root cause is improper access control (CWE-284), which allows unauthorized users to transfer or view files that should be restricted. The vulnerability arises because the gateway does not adequately enforce permissions on file operations, potentially permitting local users without authentication to access sensitive files. The CVSS 3.1 base score is 5.1, reflecting a medium severity with an attack vector limited to local access (AV:L), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction (UI:N). The impact affects confidentiality and integrity but not availability. Since the gateway is a middleware component facilitating communication between client applications and IBM CICS mainframe environments, exploitation could expose sensitive transaction data or allow unauthorized modification of files used in transaction processing. No public exploits or patches have been reported as of the publication date. The vulnerability highlights the importance of strict access control enforcement in middleware gateways that bridge enterprise systems. Organizations using these versions should assess their local user access policies and consider additional monitoring or compensating controls until a patch is available.

The vulnerability could lead to unauthorized disclosure and modification of sensitive files within enterprise environments using IBM CICS Transaction Gateway for Multiplatforms. This may compromise the confidentiality and integrity of transaction data processed through the gateway, potentially affecting business operations and regulatory compliance. Since the attack vector is local, the threat is primarily from malicious insiders or attackers who have gained local access through other means. The absence of required privileges or user interaction lowers the barrier for exploitation once local access is obtained. Organizations relying on this gateway for critical transaction processing could face data breaches, fraud, or operational disruptions if the vulnerability is exploited. However, the lack of known exploits and the local access requirement somewhat limit the immediate widespread risk. Still, the vulnerability is significant in environments where local access controls are weak or where the gateway is deployed on shared or less secure systems.

1. Restrict local access to systems running IBM CICS Transaction Gateway to trusted and authorized personnel only. 2. Implement strict file system permissions and access control lists to limit file transfer and viewing capabilities to necessary users and processes. 3. Monitor and audit local user activities on gateway hosts for unusual file access or transfer operations. 4. Employ host-based intrusion detection systems (HIDS) to detect suspicious behavior related to file access on the gateway servers. 5. Segregate the gateway environment from general user environments to reduce the risk of unauthorized local access. 6. Apply any forthcoming patches from IBM promptly once available. 7. Review and harden gateway configuration settings to minimize exposure of sensitive files. 8. Consider deploying additional application-layer access controls or encryption for sensitive files handled by the gateway. 9. Conduct regular security assessments and penetration testing focusing on local access controls and file permissions in the gateway environment.