BMC Control-M/Agent Buffer Overflow Local Privilege Escalation Vulnerability

Vulnerability

A buffer overflow vulnerability has been identified in BMC Control-M/Agent versions 9.0.18 prior to 9.0.20, as well as potentially earlier unsupported versions. This vulnerability allows for local privilege escalation when an attacker has access to the system running the Agent.

Impact

Exploitation of this vulnerability can lead to unauthorized privilege escalation, allowing a user to gain elevated rights on the system.

Remediation

Users are advised to upgrade to Control-M/Agent version 9.0.20.100 or higher. For those on versions 9.0.20.000 and lower, the only option is to upgrade to version 9.0.21 or higher and follow the specific upgrade procedures for that version.

Added: Sep 16, 2025, 3:09 PM
Updated: Sep 16, 2025, 3:09 PM

Vulnerability Rating

Custom Algorithm
spread: 5.7
impact: 10.0
exploitability: 3.5
remediation: 7.9
relevance: 0.5
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.