CVE-2015-7860

Vulnerability

A stack-based buffer overflow exists in the agent component of Hewlett-Packard Client Automation (now Persistent Accelerite Radia Client Automation) prior to version 9.1. The flaw is triggered when the agent receives a large buffer of data over the network. No authentication is required to reach the vulnerable code path [1][2].

Exploitation

An unauthenticated remote attacker can send a specially crafted, oversized buffer to the agent. The agent fails to properly validate the size of the incoming data, causing a stack buffer overflow. This can be achieved without any prior access or user interaction, provided the target environment does not employ relationship-based firewalling that would block the network traffic [1][2].

Impact

Successful exploitation allows an attacker to execute arbitrary code with SYSTEM privileges, resulting in complete compromise of the affected system. The attacker gains full control over confidentiality, integrity, and availability of the host [1][2].

Mitigation

Persistent Accelerite released a hotfix for this issue; the vulnerability is fixed in Radia Client Automation version 9.1 and later. Organizations should update to the latest version. If patching is not immediately possible, network-level access controls (e.g., firewalls) should be applied to restrict traffic to the agent port from untrusted sources [2].