CVE-2026-8370
Description
Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLinux (zSeries), AIX, Solaris x64, Solaris Sparc 64 allows Privilege Escalation, Target Programs with Elevated Privileges.
This issue affects Automic Automation: < 24.4.4 HF1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Low-privileged users with execution rights on Broadcom Automic Automation Agent Unix can escalate privileges on multiple platforms.
Vulnerability
An execution with unnecessary privileges vulnerability exists in Broadcom Automic Automation Agent Unix versions prior to 24.4.4 HF1 on Linux (Power 64 BE), zLinux (zSeries), and Solaris (x64, Sparc 64) [1]. The defect allows a low-privileged user who has execution rights on the agent executable to leverage the elevated privileges of the agent to perform unauthorized actions [1].
Exploitation
An attacker requires local access and low privileges on the affected Unix system, specifically the ability to execute the Automic Automation Agent Unix binary [1]. The attacker does not need to authenticate to the agent service, and no user interaction beyond execution of the agent binary appears necessary [1]. The exploitation sequence involves the attacker running the agent executable under conditions where the agent retains unnecessary privileges, enabling the attacker to inherit or manipulate those privileges to escalate [1].
Impact
Successful exploitation results in privilege escalation, allowing the attacker to execute target programs with elevated privileges [1]. This leads to high impact on confidentiality, integrity, and availability of the affected system, with low scope changes to subsequent systems [1]. An attacker can gain administrative-level control over the agent host.
Mitigation
The vulnerability is fixed in Automic Automation Agent Unix version 24.4.4 HF1 for the affected platforms [1]. For Linux (x64, Power 64 LE) and AIX, version 24.0.0 or later is unaffected [1]. Automic Automation Agent Unix version 26.0.0 also contains the fix [1]. Administrators should upgrade to a fixed version. No workarounds are described in the available reference [1].
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: < 24.4.4 HF1
Patches
No patches discovered yet.
References
News mentions
No linked articles in our index yet.