The tool is included with AIX 7.2 and AIX 7.3. It is delivered with the bos.rte.install AIX fileset. This requires an internet connection. It allows to download and install security fix

• emgr_check_ifixes
• emgr_download_ifix

# emgr_check_ifixes
Gathering system information
+-----------------------------------------------------------------------------+
p0.mtm=8284-22A
p0.fw=SV860_212
p0.parnm=apollo
p0.os=aix
p0.aix=7300-02-01-2346
+-----------------------------------------------------------------------------+
Checking interim fixes on the system ...
+-----------------------------------------------------------------------------+
ID  STATE LABEL      INSTALL TIME      UPDATED BY ABSTRACT
====== ================ ================= ========== ======================================
1    S    IJ49378m1d 02/06/24 23:23:27            IJ49378 EFIXTOOLS MULTI-FIX
Searching for AIX security fixes ...
+-----------------------------------------------------------------------------+
Recommended ifixes, please wait..parsing
===============================================================================
38408m9a        AIX is vulnerable to unauthorized file access and arbitrary code execution due to OpenSSH        https://aix.software.ibm.com/aix/efixes/security/openssh_fix15.tar
CVE-2023-5363   AIX is vulnerable to a denial of service (CVE-2023-5678 CVE-2023-6129 CVE-2023-6237) and an attacker may obtain sensitive information (CVE-2023-5363) due to OpenSSL     https://aix.software.ibm.com/aix/efixes/security/openssl_fix40.tar
curl7791mb      Multiple vulnerabilities in cURL libcurl affect AIX      https://aix.software.ibm.com/aix/efixes/security/curl_fix3.tar

Vulnerability fixes are not downloaded

emgr_check_ifixes

• -D automatically download the required fixes to the host in /tmp/ifix_ ${PID}

Download a specific efix

# emgr_download_ifix -L https://aix.software.ibm.com/aix/efixes/security/ntp_fix14.tar -P .