BMC Control-M/Agent 路径遍历本地权限提升漏洞

攻击者可以利用此路径遍历漏洞访问 Control-M/Agent 系统上的敏感文件和目录，这些文件和目录通常受限于普通用户。通过操纵文件路径，攻击者可以读取、写入或执行任意文件，从而获得对系统的控制权。这可能导致数据泄露、恶意软件安装或完全控制受影响的系统。由于该漏洞允许本地权限提升，因此攻击者需要先获得对系统的访问权限，例如通过凭据盗窃或物理访问。该漏洞的潜在影响包括数据泄露、系统损坏和业务中断。

Organizations running Control-M/Agent, particularly those using older, out-of-support versions (9.0.18 – 9.0.21) and those with limited access controls on the Agent system, are at significant risk. Shared hosting environments where multiple users share the same system are also particularly vulnerable.

• linux / server: Monitor system logs (journalctl) for unusual file access patterns, particularly attempts to access files outside of the expected Agent directory. Use lsof to identify processes accessing sensitive files. • windows / supply-chain: Use PowerShell to monitor for unusual process execution or file access. Example: Get-Process | Where-Object {$_.Path -like 'Control-M/Agent'} | Select-Object ProcessName, Path • generic web: Examine web server access logs for requests containing suspicious path traversal sequences (e.g., ../..).

1. 2025-09-16Disclosure

   disclosure

1. 已保留2025-08-07
2. 发布日期2025-09-16
3. 修改日期2026-02-26
4. EPSS 更新日期2026-03-23

最有效的缓解措施是立即将 Control-M/Agent 升级至 9.0.20.100 或更高版本。如果无法立即升级，请考虑实施以下临时缓解措施：限制对 Control-M/Agent 系统的访问，仅允许授权用户访问。审查并强化 Control-M/Agent 系统的文件权限，确保敏感文件和目录受到保护。监控 Control-M/Agent 系统的日志文件，以检测任何可疑活动。如果升级导致问题，请考虑回滚到之前的稳定版本，并在升级后确认漏洞已修复，例如通过检查文件访问权限和验证系统配置。