CVE-2025-9059

Summary

The Altiris Core Agent Updater package (AeXNSC.exe) is prone to an elevation of privileges vulnerability through DLL hijacking.

Affected Software

VendorProductVersion RangeStatus
Broadcom8.6.IT Management Suite8.6.xaffected
Broadcom8.6.IT Management Suite8.7.xaffected
Broadcom8.6.IT Management Suite8.8affected

Weaknesses

  • CWE-427: CWE-427 Uncontrolled Search Path Element
  • CWE-269: CWE-269 Improper Privilege Management

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References