Attention – there is currently a security warning for existing Linux agents.
This means that executions with root authorisations can be called on the agents.
Due to the high classification CVE 8.5, this is a serious security warning.
Vulnerability
Broadcom is alerting customers to a vulnerability in Automic Automation Agent Unix. A vulnerability exists in the Automic Automation Agent Unix that allows low privileged users who have execution rights on the agent executable to escalate their privileges. Broadcom has published solutions to address this vulnerability and recommends that all affected customers implement these solutions.*
Affected
Automic Automation Agent Unix <24.3.0 HF4, <21.0.13 HF1
Solution
Update to version 24.3.0 HF4, 21.0.13 HF1 or higher
Further Informations
- * https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25732
- https://www.cve.org/CVERecord?id=CVE-2025-4971
- https://cwe.mitre.org/data/definitions/426.html
- https://www.secuvera.de/advisories/secuvera-SA-2025-01.txt