CVE-2026-0977 is a vulnerability identified in IBM CICS Transaction Gateway for Multiplatforms versions 9.3 and 10.1. The root cause is improper access control mechanisms (classified under CWE-284), which allow unauthorized users to transfer or view files that should otherwise be protected. The vulnerability is local access vector (AV:L), meaning exploitation requires local access to the system, but does not require privileges (PR:N) or user interaction (UI:N). The vulnerability affects confidentiality and integrity to a limited degree (C:L/I:L), but does not impact availability (A:N). IBM CICS Transaction Gateway is middleware that facilitates communication between distributed applications and IBM mainframe CICS systems, often used in enterprise environments for transaction processing. Improper access control in this gateway could expose sensitive transaction data or allow unauthorized data manipulation. Although no public exploits are known at this time, the vulnerability poses a risk to organizations that have not implemented strict local access controls or have not yet applied vendor patches. The vulnerability was published on March 13, 2026, with no patch links currently provided, indicating that remediation may be pending or in progress. Given the critical role of CICS Transaction Gateway in enterprise transaction processing, this vulnerability requires timely attention to prevent potential data breaches or unauthorized data transfers.

The vulnerability could lead to unauthorized disclosure and modification of sensitive transaction data within enterprise environments that use IBM CICS Transaction Gateway. Attackers with local access could view or transfer files without proper authorization, potentially exposing confidential business information or enabling data tampering. While the vulnerability does not affect system availability, the breach of confidentiality and integrity could undermine trust in transaction processing systems, cause regulatory compliance issues, and result in financial losses. Organizations relying heavily on IBM CICS Transaction Gateway for critical business processes, especially in sectors such as finance, government, and large-scale manufacturing, are at higher risk. The lack of required privileges and user interaction lowers the barrier for exploitation once local access is obtained, increasing the threat from insider threats or attackers who have gained initial footholds within the network.

Organizations should immediately review and tighten local access controls on systems running IBM CICS Transaction Gateway versions 9.3 and 10.1 to restrict unauthorized user access. Implement strict user authentication and authorization policies to limit who can access the gateway and related files. Monitor and audit file access and transfer activities to detect suspicious behavior promptly. Since no official patches are currently linked, maintain close communication with IBM for updates and apply vendor patches as soon as they become available. Consider network segmentation to isolate systems running the gateway and reduce the risk of lateral movement by attackers. Employ host-based intrusion detection systems (HIDS) to alert on unauthorized file access attempts. Additionally, conduct regular security assessments and penetration testing focused on access control weaknesses in the gateway environment. Document and enforce least privilege principles for all users and processes interacting with the gateway.