CVE-2026-8370
published 2026-05-19CVE-2026-8370: Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLinux…
PriorityP342high8.5CVSS 4.0
AVLACLATNPRLUINVCHVIHVAHSCLSILSALEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
0.15%
4.2th percentile
Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLinux (zSeries), AIX, Solaris x64, Solaris Sparc 64 allows Privilege Escalation, Target Programs with Elevated Privileges.
This issue affects Automic Automation: < 24.4.4 HF1.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| broadcom | automic_automation | < 24.4.4 HF1 | 24.4.4 HF1 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-vmh5-rqqv-q3v3: Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLin
ghsa_unreviewed·2026-05-19
CVE-2026-8370 [HIGH] CWE-250 GHSA-vmh5-rqqv-q3v3: Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLin
Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLinux (zSeries), AIX, Solaris x64, Solaris Sparc 64 allows Privilege Escalation, Target Programs with Elevated Privileges.
This issue affects Automic Automation: < 24.4.4 HF1.
VulDB
Broadcom Automic Automation up to 24.4.4 on Linux unnecessary privileges (EUVD-2026-30970)
vuldb·2026-05-19·CVSS 8.5
CVE-2026-8370 [HIGH] Broadcom Automic Automation up to 24.4.4 on Linux unnecessary privileges (EUVD-2026-30970)
A vulnerability labeled as critical has been found in Broadcom Automic Automation up to 24.4.4 on Linux. Impacted is an unknown function. The manipulation results in execution with unnecessary privileges.
This vulnerability is known as CVE-2026-8370. Attacking locally is a requirement. No exploit is available.
The affected component should be upgraded.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-05-19
Published