IBM Robotic Process Automation
cpe:2.3:a:ibm:robotic_process_automation:*:*:*:*:*:*:*
- >= 21.0.0, <= 21.0.7.17
- >= 23.0.0, <= 23.0.18
A privilege escalation vulnerability has been identified in IBM Robotic Process Automation versions 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18. The issue arises because all files in the installation inherit the file permissions of the parent directory. This allows a non-privileged user to replace any executable used by the nssm.exe service. When the service or server is restarted, the substituted executable runs with administrator privileges.
Exploitation of this vulnerability allows local users to escalate privileges, executing binaries with administrator rights.
Users can upgrade to IBM Robotic Process Automation version 21.0.7.17 or 23.0.17. Instructions for upgrading can be found in the IBM Robotic Process Automation documentation. As a workaround, the registry can be modified to include quotes around the executable path for certain services, which prevents the privilege escalation.
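The two conditions the advisory describes, service executables sitting in a directory that non-administrators can write to, and service image paths that are unquoted, are both visible from a service inventory. The following PowerShell audit is an added example, not IBM's code and not part of the advisory: it lists every Windows service whose binary directory grants write or modify rights to broad principals, or whose unquoted image path contains spaces, and prints the registry key where the path can be quoted. The install root is a placeholder assumption; run it as an administrator on a host you manage.

```powershell
# Added audit example (not from the IBM advisory). Reports services whose
# executable directory is writable by non-privileged principals or whose
# image path is unquoted and contains spaces. Run from an elevated shell.
param(
    # Placeholder install location (assumption); adjust to the real path.
    [string]$InstallRoot = 'C:\Program Files\IBM\RPA'
)

# Broad principals whose write access on a service binary's directory means a
# non-privileged user could replace the executable the service starts.
$WeakPrincipals = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)

# Rights that permit replacing or deleting files in the directory.
$R = [System.Security.AccessControl.FileSystemRights]
$WriteRights = [int]($R::Write -bor $R::Modify -bor $R::FullControl -bor
                     $R::WriteData -bor $R::Delete -bor $R::DeleteSubdirectoriesAndFiles)

function Test-WeakDirectoryAcl {
    param([string]$Path)
    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -eq 'Allow' -and
            $WeakPrincipals -contains $ace.IdentityReference.Value -and
            (([int]$ace.FileSystemRights) -band $WriteRights) -ne 0) {
            return $true
        }
    }
    return $false
}

function Get-ServiceExecutablePath {
    param([string]$PathName)
    # Quoted image path: the executable is the text between the first quotes.
    if ($PathName -match '^"([^"]+)"') { return $Matches[1] }
    # Unquoted image path: take everything up to the first ".exe".
    if ($PathName -match '^(.*?\.exe)') { return $Matches[1] }
    return $PathName
}

Get-CimInstance Win32_Service | ForEach-Object {
    $svc = $_
    if (-not $svc.PathName) { return }
    $exe      = Get-ServiceExecutablePath $svc.PathName
    $unquoted = ($svc.PathName -notmatch '^"') -and ($exe -match ' ')
    $dir      = Split-Path -Path $exe -Parent
    $weakAcl  = $false
    if ($dir -and (Test-Path -LiteralPath $dir)) { $weakAcl = Test-WeakDirectoryAcl $dir }

    # Report weak ACLs, unquoted paths, and anything under the product install root.
    if ($unquoted -or $weakAcl -or ($exe -like "$InstallRoot*")) {
        [pscustomobject]@{
            Service      = $svc.Name
            RunsAs       = $svc.StartName
            Executable   = $exe
            UnquotedPath = $unquoted
            WeakDirAcl   = $weakAcl
            # ImagePath under this key is where the advisory's quoting workaround applies.
            RegistryKey  = "HKLM:\SYSTEM\CurrentControlSet\Services\$($svc.Name)"
        }
    }
} | Format-Table -AutoSize
```

A service that appears with `WeakDirAcl` true is the condition the advisory describes: fixing it means restoring administrator-only write access on the installation directory (and re-checking after the upgrade, since inherited permissions are reapplied on install). A service with `UnquotedPath` true is the case the registry workaround addresses; quote the `ImagePath` value under the reported key and restart the service.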