CVE-2026-8370

Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLinux (zSeries), AIX, Solaris x64, Solaris Sparc 64 allows Privilege Escalation, Target Programs with Elevated Privileges. This issue affects Automic Automation: < 24.4.4 HF1.

CVSS

No CVSS.

References

Link	Resource
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37512

Configurations

No configuration.

History

19 May 2026, 19:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-05-19 19:16

Updated : 2026-05-19 21:01

NVD link : CVE-2026-8370

Mitre link : CVE-2026-8370

CVE.ORG link : CVE-2026-8370

JSON object : View

Products Affected

No product.

CWE

CWE-250

Execution with Unnecessary Privileges

{"id": "CVE-2026-8370", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "vuln@ca.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-05-19T19:16:51.903", "references": [{"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37512", "source": "vuln@ca.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "vuln@ca.com", "description": [{"lang": "en", "value": "CWE-250"}]}], "descriptions": [{"lang": "en", "value": "Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLinux (zSeries), AIX, Solaris x64, Solaris Sparc 64 allows Privilege Escalation, Target Programs with Elevated Privileges.\n\nThis issue affects Automic Automation: < 24.4.4 HF1."}], "lastModified": "2026-05-19T21:01:06.970", "sourceIdentifier": "vuln@ca.com"}

CVE-2026-8370

JSON object

Attach tags to CVE-2026-8370

Attach tags to `CVE-2026-8370`