10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.663 Medium
EPSS
Percentile
97.9%
Radia Client Automation (previously sold under the name HP Client Automation) agent prior to version 9.1 is vulnerable to arbitrary remote code execution.
According to ZDI’s advisory for ZDI-15-363, which has been assigned CVE-2015-7860:
_"_This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Client Automation. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the Hewlett-Packard Client Automation agent. An attacker can send a large buffer of data to the agent which will cause a stack buffer overflow. An attacker can leverage this vulnerability to execute code under the context of the SYSTEM.__"
According to ZDI’s advisory for ZDI-15-364, which has been assigned CVE-2015-7861:
_"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Client Automation. Authentication is not required to exploit this vulnerability. _
The specific flaw exists within the Hewlett-Packard Client Automation agent. An attacker can send arbitrary commands to the agent. An attacker can leverage this vulnerability to execute code under the context of the SYSTEM."
These vulnerabilities impact the Role-Based Access and Remote Notify features of HP Client Automation.
An unauthenticated remote attacker may be able to execute arbitrary code with SYSTEM privileges.
Apply an update
Accelerite previously released a hotfix and advisory for this issue in previous versions of HP Client Automation and Radia Client Automation. Affected users may contact Accelerite for hotfix information.
Persistent has addressed the issues in the latest build of Radia Client Automation version 9.1. Affected users are encouraged to update as soon as possible.
966927
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: October 14, 2015
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Prior to 2013, HP developed the HP Client Automation software. In 2013, HP licensed the software to Persistent Systems, which now sells the software under the name Radia Client Automation. It is currently unclear which versions prior to Radia Client Automation 9.1 are affected by this vulnerability.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23966927 Feedback>).
Updated: August 14, 2017
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Prior to 2013, HP developed the HP Client Automation software. In 2013, HP licensed the software to Persistent Systems, which now sells the software under the name Radia Client Automation. It is currently unclear which versions prior to Radia Client Automation 9.1 are affected by this vulnerability.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23966927 Feedback>).
Group | Score | Vector |
---|---|---|
Base | 10 | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Temporal | 7.8 | E:POC/RL:OF/RC:C |
Environmental | 5.9 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND |
This document was written by Garret Wassermann.
CVE IDs: | CVE-2015-7860, CVE-2015-7861 |
---|---|
Date Public: | 2015-07-20 Date First Published: |
www.persistent.com/Persistent-IP/Radia-Client-Automation
www.zerodayinitiative.com/advisories/ZDI-15-363/
www.zerodayinitiative.com/advisories/ZDI-15-364/
support.accelerite.com/hc/en-us/articles/203659814-Accelerite-releases-solutions-and-best-practices-to-enhance-the-security-for-RBAC-and-Remote-Notify-features
support.accelerite.com/hc/en-us/articles/203659824