Platform
other
Component
control-m/agent
Fixed in
9.0.20.100
9.0.20
9.0.19
CVE-2025-55115 describes a Path Traversal vulnerability discovered in the Control-M/Agent component. This flaw allows an attacker with access to the system running the Agent to potentially escalate their privileges. The vulnerability impacts Control-M/Agent versions 9.0.18 through 9.0.21, and potentially earlier unsupported versions. A fix is available in version 9.0.20.100 and later.
Successful exploitation of this path traversal vulnerability could allow an attacker to read or write files outside of the intended directory, potentially gaining access to sensitive system data or executing arbitrary code. The attacker needs existing access to the system hosting the Control-M/Agent; this could come from a compromised user account or from another vulnerability that provides an initial foothold. The potential impact includes data breaches, system compromise, and disruption of Control-M operations. While the description does not explicitly mention it, the ability to write files could lead to code execution, significantly expanding the attack surface.
CVE-2025-55115 was publicly disclosed on September 16, 2025. There is no indication of active exploitation or KEV listing at the time of writing. Public proof-of-concept code is not currently available, but the path traversal nature of the vulnerability suggests that it could be relatively easy to exploit once a suitable PoC is developed. The vulnerability's impact is amplified by the fact that it can lead to local privilege escalation.
Organizations running Control-M/Agent, particularly those using older, out-of-support versions (9.0.18 – 9.0.21) and those with limited access controls on the Agent system, are at significant risk. Shared hosting environments where multiple users share the same system are also particularly vulnerable.
• linux / server: Monitor system logs (journalctl) for unusual file access patterns, particularly attempts to access files outside of the expected Agent directory. Use lsof to identify processes accessing sensitive files.
• windows / supply-chain: Use PowerShell to monitor for unusual process execution or file access. Example (the wildcard pattern matches any process whose executable path contains "Control-M" followed by "Agent"; a bare string without wildcards would only match an exact path): Get-Process | Where-Object { $_.Path -like '*Control-M*Agent*' } | Select-Object ProcessName, Path
• generic web: Examine web server access logs for requests containing suspicious path traversal sequences (e.g., ../..).
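The log-based detection described in the bullets above, as an added example that is not part of the original advisory: it decodes percent-encoded (including double-encoded) request paths, normalizes Windows separators, and flags any request whose path contains a dot-dot segment or resolves outside the Agent's directory. The sample log lines and the base directory /agent/files are constructed for illustration and do not reflect real Control-M/Agent paths.

```python
import posixpath
import re
from urllib.parse import unquote

# Constructed sample access-log lines; none come from a real Control-M deployment.
SAMPLE_LOG_LINES = [
    'GET /agent/files/jobs/output.log 200',
    'GET /agent/files/../../etc/passwd 403',
    'GET /agent/files/%2e%2e%2f%2e%2e%2fetc%2fshadow 403',        # single-encoded
    'GET /agent/files/%252e%252e%252fetc%252fpasswd 403',          # double-encoded
    'GET /agent/files/..\\..\\windows\\win.ini 403',               # backslash separators
    'GET /agent/files/reports/2025/summary.txt 200',
]

# A ".." segment bounded by separators (or start/end of string).
TRAVERSAL_RE = re.compile(r'(?:^|[\\/])\.\.(?:[\\/]|$)')


def normalize(raw_path: str) -> str:
    """Percent-decode repeatedly (bounded, to catch double encoding) and unify separators."""
    decoded = raw_path
    for _ in range(3):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded.replace('\\', '/')


def escapes_base(path: str, base: str = '/agent/files') -> bool:
    """True if the normalized path resolves to a location outside the base directory."""
    resolved = posixpath.normpath(path)
    return not (resolved == base or resolved.startswith(base.rstrip('/') + '/'))


def flag_traversal(lines):
    """Return (original_line, normalized_path) for every request that looks like traversal."""
    hits = []
    for line in lines:
        parts = line.split()
        if len(parts) < 2:
            continue
        norm = normalize(parts[1])
        if TRAVERSAL_RE.search(norm) or escapes_base(norm):
            hits.append((line, norm))
    return hits


if __name__ == '__main__':
    for line, norm in flag_traversal(SAMPLE_LOG_LINES):
        print(f'TRAVERSAL  {norm:45s} <- {line}')
```

Because the check is done on the resolved path rather than on a literal "../" substring, it also catches encoded and mixed-separator variants that a naive grep for "../.." would miss.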
disclosure
Exploit status
EPSS
0.02% (4% percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-55115 is to upgrade the Control-M/Agent to version 9.0.20.100 or later. If an immediate upgrade is not feasible, consider restricting access to the Agent's directory and implementing strict file permissions to limit the potential impact of a successful attack. Review and harden the system's overall security posture, including user account management and network segmentation. There are no specific WAF or proxy rules that can directly address this path traversal vulnerability; the focus should be on restricting access and patching the vulnerable component. After upgrading, confirm the fix by attempting to access files outside the intended directory and verifying that access is denied.
Upgrade Control-M/Agent to version 9.0.20.100 or later. This fixes the path traversal vulnerability that allows local privilege escalation. See the BMC knowledge base article for more details on the upgrade.
CVE-2025-55115 is a Path Traversal vulnerability in Control-M/Agent allowing attackers with system access to potentially escalate privileges. It affects versions 9.0.18–9.0.21.
You are affected if you are running Control-M/Agent versions 9.0.18 through 9.0.21, or potentially earlier unsupported versions. Check your version and upgrade if necessary.
Upgrade Control-M/Agent to version 9.0.20.100 or later to resolve the vulnerability. Restrict access to the Agent system as an interim measure.
As of September 16, 2025, there are no publicly known active exploitation campaigns for CVE-2025-55115, but monitoring is recommended.
Refer to the official Micro Focus security advisory for Control-M/Agent, which should be available on the Micro Focus support website.