Broadcom CA Client Automation CVE-2019-19231 Local Privilege Escalation Vulnerability

2019-12-18T00:00:00
ID SMNTC-111271
Type symantec
Reporter Symantec Security Response
Modified 2019-12-18T00:00:00

Description

Description

Broadcom CA Client Automation is prone to a local privilege-escalation vulnerability. Local attackers may exploit this issue to execute arbitrary command with elevated privileges on the affected system. Broadcom CA Client Automation versions 14.0, 14.1, 14.2, 14.3 are vulnerable.

Technologies Affected

  • Broadcom CA Client Automation 14.0
  • Broadcom CA Client Automation 14.1
  • Broadcom CA Client Automation 14.2
  • Broadcom CA Client Automation 14.3

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Ensure that only trusted users have local, interactive access to affected computers.

Updates are available. Please see the references or vendor advisory for more information.