Vulnerability Description
BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host.
CVSS Score
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bmc | Patrol Agent | <= 20.08.00 |
Related Weaknesses (CWE)
References
- http://web.archive.org/web/20210106175128/https://community.bmc.com/s/article/SEBroken Link
- https://community.bmc.com/s/article/SECURITY-Patrol-Agent-Local-Privilege-EscalaBroken Link
- https://webapps.bmc.com/support/faces/az/prodallversions.jsp?seqid=304517Product
- https://www.securifera.com/advisories/Third Party Advisory
- https://www.securifera.com/blog/2021/03/08/bmc-patrol-agent-domain-user-to-domaiExploitThird Party Advisory
- http://web.archive.org/web/20210106175128/https://community.bmc.com/s/article/SEBroken Link
- https://community.bmc.com/s/article/SECURITY-Patrol-Agent-Local-Privilege-EscalaBroken Link
- https://webapps.bmc.com/support/faces/az/prodallversions.jsp?seqid=304517Product
- https://www.securifera.com/advisories/Third Party Advisory
- https://www.securifera.com/blog/2021/03/08/bmc-patrol-agent-domain-user-to-domaiExploitThird Party Advisory
FAQ
What is CVE-2020-35593?
CVE-2020-35593 is a vulnerability with a CVSS score of 7.8 (HIGH). BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host.
How severe is CVE-2020-35593?
CVE-2020-35593 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-35593?
Check the references section above for vendor advisories and patch information. Affected products include: Bmc Patrol Agent.