BMC Control-M/Agent 安全漏洞

BMC Control-M/Agent is a workload automation system from BMC USA. A security vulnerability exists in BMC Control-M/Agent that stems from not enabling mutual SSL/TLS authentication, which could lead to unauthenticated remote code execution, arbitrary file reads and writes, and similar unauthorized...

EUVD-2019-8846

Malware in sbrugna...

EUVD-2019-8844

Malware in sbrugna...

EUVD-2019-8841

Malware in sbrugna...

CVE-2025-55116

The CVE-2025-55116 issue affects BMC Control-M/Agent, specifically versions 9.0.18–9.0.20 (potentially earlier unsupported builds). It is caused by a stack/buffer overflow in the Agent running on the target system, enabling local privilege escalation when an attacker has system access. Mitigation...

CVE-2025-55111 BMC Control-M/Agent insecure default file permissions

Certain files with overly permissive permissions were identified in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions as well as in newer versions which were upgraded from an affected version. These files contain keys and passwords relating ...

BMC Control-M/Agent Command Injection Vulnerability

Control-M is one of BMC's most important automation control products, and is the world's leading integrated business scheduling solution for cross-platform and cross-application job scheduling. A security vulnerability exists in BMC Control-M/Agent when using the TCP protocol, which can be...

BMC Control-M/Agent Buffer Overflow Vulnerability

Control-M is one of BMC's most important automation control products, and is the world's leading integrated business scheduling solution for cross-platform and cross-application job scheduling. A buffer overflow vulnerability exists in BMC Control-M/Agent when the On-Do action destination is Mail...

CVE-2019-19216

BMC Control-M/Agent 7.0.00.000 has an Insecure File Copy...

CVE-2019-19215

A buffer overflow vulnerability in BMC Control-M/Agent 7.0.00.000 when the On-Do action destination is Mail and the Control-M/Agent is configured to send the email, allows remote attackers to have unspecified impact via vectors related to the configured IP address or SMTP server...

CVE-2019-19217

BMC Control-M/Agent 7.0.00.000 allows OS Command Injection...

CVE-2019-19218

BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage...

CVE-2019-19220

BMC Control-M/Agent 7.0.00.000 allows OS Command Injection issue 2 of 2...

Command injection

BMC Control-M/Agent 7.0.00.000 allows OS Command Injection...

Buffer overflow

A buffer overflow vulnerability in BMC Control-M/Agent 7.0.00.000 when the On-Do action destination is Mail and the Control-M/Agent is configured to send the email, allows remote attackers to have unspecified impact via vectors related to the configured IP address or SMTP server...

Design/Logic Flaw

BMC Control-M/Agent 7.0.00.000 has an Insecure File Copy...

Default credentials

BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage...

Arbitrary file deletion

BMC Control-M/Agent 7.0.00.000 allows Arbitrary File Download...

CVE-2019-19215

The CVE concerns BMC Control-M/Agent 7.0.00.000 where a buffer overflow occurs when the On-Do action destination is Mail and the Agent is configured to send mail. The vulnerability is triggered by vectors related to the configured IP address or SMTP server, allowing remote attackers to impact the...

CVE-2019-19215

A buffer overflow vulnerability in BMC Control-M/Agent 7.0.00.000 when the On-Do action destination is Mail and the Control-M/Agent is configured to send the email, allows remote attackers to have unspecified impact via vectors related to the configured IP address or SMTP server...