CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-55115

A path traversal in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the system running the Agent. This vulnerability impacts the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions. This vulnerability was fixed in 9.0.20.100 and above.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.8%

CVSS Severity

CVSS v3 Score 8.8

References

https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000441969
https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000442099

Products affected by CVE-2025-55115

Bmc » Control-M/agent » Version: 6.3.1

cpe:2.3:a:bmc:control-m/agent:6.3.1
Bmc » Control-M/agent » Version: 6.4.1

cpe:2.3:a:bmc:control-m/agent:6.4.1
Bmc » Control-M/agent » Version: 9.0.20

cpe:2.3:a:bmc:control-m/agent:9.0.20
Bmc » Control-M/agent » Version: 9.0.20.000

cpe:2.3:a:bmc:control-m/agent:9.0.20.000

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-55115

Products

Pricing

Contact Us