CVE-2015-7861

Vulnerability

CVE-2015-7861 is a command injection vulnerability in the agent component of Accelerite Radia Client Automation (formerly HP Client Automation) prior to version 9.1 [1][2]. The flaw exists within the agent's handling of commands, allowing an attacker to send arbitrary commands without any authentication [1]. The vulnerability affects the Role-Based Access and Remote Notify features [2].

Exploitation

An unauthenticated remote attacker can exploit this vulnerability by sending specially crafted commands to the vulnerable agent over the network [1]. No user interaction or prior access is required. The attacker simply needs network connectivity to the target system running the affected agent [2].

Impact

Successful exploitation allows the attacker to execute arbitrary code with SYSTEM privileges on the target system [1][2]. This results in complete compromise of confidentiality, integrity, and availability of the affected host.

Mitigation

Accelerite released a hotfix and advisory for this issue [2]. The fix is included in Radia Client Automation version 9.1 and later [2]. Organizations should update to the latest version or apply the hotfix provided by Accelerite. If upgrading is not immediately possible, network segmentation and firewalling should be used to restrict access to the agent port from untrusted networks [1][2].