CVE-2025-4971

Summary

Broadcom Automic Automation Agent Unix versions < 24.3.0 HF4 and < 21.0.13 HF1 allow low privileged users who have execution rights on the agent executable to escalate their privileges.

Affected Software

VendorProductVersion RangeStatus
BroadcomAutomic Automation< 24.3.0 HF4, and < 21.0.13 HF1affected
BroadcomAutomic Automation24.3.0 HF4 or later, and 21.0.13 HF1 or laterunaffected

Weaknesses

  • CWE-426: CWE-426 Untrusted Search Path

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References