CVE-2025-4971 HIGH

CVE-2025-4971: Broadcom Automic Automation Agent Unix privilege escalation

Vendor: Broadcom
Product: Automic Automation
Weakness: CWE-426
Published: May 19, 2025
Last update: May 20, 2025

CVSS base score

8.5/10
Attack vector: Local
Attack complexity: Low
Privileges required: Low
User interaction: None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

What the vulnerability does

01 Description

Broadcom Automic Automation Agent Unix versions < 24.3.0 HF4 and < 21.0.13 HF1 allow low-privileged users who have execution rights on the agent executable to escalate their privileges.

Key dates

02 Disclosure timeline

May 19, 2025: CVE published
May 20, 2025: Record updated
