HIGH Severity

CVE-2025-4971

Privilege escalation vulnerability in Broadcom Automic Automation Agent Unix

Overview

Broadcom Automic Automation Agent Unix versions prior to 24.3.0 HF4 and 21.0.13 HF1 are vulnerable to privilege escalation. Low-privileged users who have execution rights on the agent executable can escalate their privileges.

Technical Details

The vulnerability resides in the way the agent executable handles permissions. A malicious low-privileged user who has execution rights on the agent executable can exploit this vulnerability to gain higher access rights.

CVSS Metrics

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • User Interaction: NONE
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

Impact

The successful exploitation of this vulnerability could allow a low privileged user to gain unauthorized escalated privileges within the system. This could lead to unauthorized disclosure of information, unauthorized modification, and disruption of service.

Recommendations

  • Update to Broadcom Automic Automation Agent Unix 24.3.0 HF4, 21.0.13 HF1, or a later release.
  • Restrict execution rights on the agent executable to only trusted users.
  • Monitor system logs for unexpected executions of the agent executable and other suspicious activity.
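As an added example (not part of this advisory and not Broadcom's code), the POSIX shell script below audits and tightens execution rights on the agent executable in the spirit of the second recommendation; it also flags setuid/setgid bits, which goes slightly beyond the advisory's wording. The AGENT_BIN path is a placeholder, and the trusted group name is supplied by the caller.

```shell
#!/bin/sh
# Added example, not from the advisory or from Broadcom: audit and tighten the
# permission bits on an executable so that only its owner and group may run it.
# Setuid/setgid reporting goes beyond the advisory text but covers the same
# class of risk. AGENT_BIN is a placeholder; set it to the real installation
# path of the Automic agent executable before use.
AGENT_BIN="${AGENT_BIN:-/path/to/automic/agent/executable}"   # placeholder

# Print the 10-character mode string of a file, e.g. "-rwsr-xr-x".
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# Report execution rights on $1. Returns 0 when only owner and group can
# execute it and no setuid/setgid bit is set; 1 when it is executable by
# "other" or carries setuid/setgid; 2 when the path does not exist.
audit_exec_perms() {
    path=$1
    [ -e "$path" ] || { echo "MISSING    $path"; return 2; }
    mode=$(mode_of "$path")
    status=0
    case "$mode" in
        ???[sS]??????) echo "SETUID     $path ($mode)"; status=1 ;;
    esac
    case "$mode" in
        ??????[sS]???) echo "SETGID     $path ($mode)"; status=1 ;;
    esac
    case "$mode" in
        ?????????[xt]) echo "WORLD-EXEC $path ($mode)"; status=1 ;;
    esac
    [ "$status" -eq 0 ] && echo "OK         $path ($mode)"
    return "$status"
}

# Tighten $1: drop setuid/setgid and all "other" bits; optionally assign a
# trusted group ($2) so that membership in it is what grants execution.
restrict_exec_perms() {
    path=$1
    group=${2:-}
    [ -n "$group" ] && chgrp "$group" "$path"
    chmod u-s,g-s,o-rwx "$path"
}

# Command-line use: audit every path given as an argument.
if [ "$#" -gt 0 ]; then
    for p in "$@"; do audit_exec_perms "$p"; done
fi
```

Run it as `sh audit.sh "$AGENT_BIN"` to audit, then call `restrict_exec_perms "$AGENT_BIN" trusted_group` from a root shell to apply the restriction.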

Threat Metrics

  • CVSS Score: 8.5
  • Severity: HIGH
  • Attack Vector: LOCAL
  • Attack Complexity: LOW