Bmc Control-M Agent vulnerabilities
11 known vulnerabilities affecting bmc/control-m_agent.
Total CVEs
11
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH4MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2025-55108P2CRITICALCVSS 10.0v9.0.22v9.0.21+3 more2025-11-05
CVE-2025-55108 [CRITICAL] CWE-306 CVE-2025-55108: The Control-M/Agent is vulnerable to unauthenticated remote code execution, arbitrary file read and
The Control-M/Agent is vulnerable to unauthenticated remote code execution, arbitrary file read and write and similar unauthorized actions when mutual SSL/TLS authentication is not enabled (i.e. in the default configuration).
NOTE:
* The vendor believes that this vulnerability only occurs when documented security best practices are not followed.
nvd
CVE-2025-55113P2CRITICALCVSS 10.0≤ 9.0.22v9.0.22.000+4 more2025-09-16
CVE-2025-55113 [CRITICAL] CWE-158 CVE-2025-55113: If the Access Control List is enforced by the Control-M/Agent and the C router is in use (default in
If the Access Control List is enforced by the Control-M/Agent and the C router is in use (default in Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions; non-default but configurable using the JAVA_AR setting in newer versions), the verification stops at the first NULL byte encountered in the email
nvd
CVE-2025-55109P2CRITICALCVSS 9.0≤ 9.0.22v9.0.20+2 more2025-09-16
CVE-2025-55109 [CRITICAL] CWE-295 CVE-2025-55109: An authentication bypass vulnerability exists in the out-of-support Control-M/Agent versions 9.0.18
An authentication bypass vulnerability exists in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions when using an empty or default kdb keystore or a default PKCS#12 keystore. A remote attacker with access to a signed third-party or demo certificate for client authentication can bypass the need
nvd
CVE-2025-55118P3HIGHCVSS 8.9v9.0.22.000v9.0.21+3 more2025-09-16
CVE-2025-55118 [HIGH] CWE-122 CVE-2025-55118: Memory corruptions can be remotely triggered in the Control-M/Agent when SSL/TLS communication is co
Memory corruptions can be remotely triggered in the Control-M/Agent when SSL/TLS communication is configured.
The issue occurs in the following cases:
* Control-M/Agent 9.0.20: SSL/TLS configuration is set to the non-default setting "use_openssl=n";
* Control-M/Agent 9.0.21 and 9.0.22: Agent router configuration uses the non-default settings "JAVA_
nvd
CVE-2025-55116P3HIGHCVSS 8.8fixed in 9.0.20.100v9.0.20+2 more2025-09-16
CVE-2025-55116 [HIGH] CWE-121 CVE-2025-55116: A buffer overflow in the Control-M/Agent can lead to a local privilege escalation when an attacker h
A buffer overflow in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the system running the Agent.
This vulnerability impacts the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions.
nvd
CVE-2025-55115P3HIGHCVSS 8.8fixed in 9.0.20.100v9.0.20+2 more2025-09-16
CVE-2025-55115 [HIGH] CWE-23 CVE-2025-55115: A path traversal in the Control-M/Agent can lead to a local privilege escalation when an attacker ha
A path traversal in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the system running the Agent. This vulnerability impacts the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions. This vulnerability was fixed in 9.0.20.100 and above.
nvd
CVE-2025-55112P3HIGHCVSS 7.4≤ 9.0.20.200v9.0.20+2 more2025-09-16
CVE-2025-55112 [HIGH] CWE-321 CVE-2025-55112: Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 (and potentially earlier unsupported versio
Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 (and potentially earlier unsupported versions) that are configured to use the non-default Blowfish cryptography algorithm use a hardcoded key. An attacker with access to network traffic and to this key could decrypt network traffic between the Control-M/Agent and Server.
nvd
CVE-2025-55117P4MEDIUMCVSS 5.3≤ 9.0.22v9.0.22.000+4 more2025-09-16
CVE-2025-55117 [MEDIUM] CWE-121 CVE-2025-55117: A stack-based buffer overflow can be remotely triggered when formatting an error message in the Cont
A stack-based buffer overflow can be remotely triggered when formatting an error message in the Control-M/Agent when SSL/TLS communication is configured.
The issue occurs in the following cases:
* Control-M/Agent 9.0.20: SSL/TLS configuration is set to the non-default setting "use_openssl=n";
* Control-M/Agent 9.0.21 and 9.0.22: Agent router conf
nvd
CVE-2025-55111P4MEDIUMCVSS 5.5fixed in 9.0.21v9.0.20+2 more2025-09-16
CVE-2025-55111 [MEDIUM] CWE-276 CVE-2025-55111: Certain files with overly permissive permissions were identified in the out-of-support Control-M/Age
Certain files with overly permissive permissions were identified in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions as well as in newer versions which were upgraded from an affected version. These files contain keys and passwords relating to SSL files, keystore and policies. An attacker with
nvd
CVE-2025-55114P4MEDIUMCVSS 5.3v9.0.20v9.0.19+1 more2025-09-16
CVE-2025-55114 [MEDIUM] CWE-696 CVE-2025-55114: The improper order of AUTHORIZED_CTM_IP validation in the Control-M/Agent, where the Control-M/Serve
The improper order of AUTHORIZED_CTM_IP validation in the Control-M/Agent, where the Control-M/Server IP address is validated only after the SSL/TLS handshake is completed, exposes the Control-M/Agent to vulnerabilities in the SSL/TLS implementation under certain non-default conditions (e.g. CVE-2025-55117 or CVE-2025-55118) or potentially to resour
nvd
CVE-2025-55110P4MEDIUMCVSS 5.5v9.0.22v9.0.21+3 more2025-09-16
CVE-2025-55110 [MEDIUM] CWE-1392 CVE-2025-55110: Control-M/Agents use a kdb or PKCS#12 keystore by default, and the default keystore password is well
Control-M/Agents use a kdb or PKCS#12 keystore by default, and the default keystore password is well known and documented.
An attacker with read access to the keystore could access sensitive data using this password.
nvd