CVE-2025-55111 – This vulnerability allows local attackers to ac... (How to Fix)

Q: What is the severity of CVE-2025-55111?

CVE-2025-55111 has a CVSS score of 5.5 (MEDIUM). This vulnerability allows local attackers to access sensitive SSL keys, passwords, and policy files due to overly permissive file permissions in Control-M/Agent. Affected systems include out-of-support versions 9.0.18-9.0.20, potentially earlier unsupported versions, and newer versions that were upgraded from affected versions.

📋 TL;DR

This vulnerability allows local attackers to access sensitive SSL keys, passwords, and policy files due to overly permissive file permissions in Control-M/Agent. Affected systems include out-of-support versions 9.0.18-9.0.20, potentially earlier unsupported versions, and newer versions that were upgraded from affected versions.

💻 Affected Systems

Products:

BMC Control-M/Agent

Versions: 9.0.18 to 9.0.20 and potentially earlier unsupported versions; also newer versions upgraded from affected versions

Operating Systems: All platforms running Control-M/Agent

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems where files retain overly permissive permissions from previous installations or upgrades.

📦 What is this software?

Control M\/agent by Bmc

View all CVEs affecting Control M\/agent →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain access to SSL keys and passwords, enabling decryption of encrypted communications, impersonation of the agent, or lateral movement to other systems.

🟠

Likely Case

Local privilege escalation or credential theft leading to unauthorized access to sensitive data and systems managed by Control-M.

🟢

If Mitigated

Limited to information disclosure without ability to execute code or move laterally if proper access controls are in place.

🌐 Internet-Facing: LOW - Requires local system access, not directly exploitable over network.

🏢 Internal Only: MEDIUM - Internal attackers or compromised accounts with local access can exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access to the system; exploitation involves reading files with incorrect permissions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply the security fix from BMC advisory

Vendor Advisory: https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000441965

Restart Required: No

Instructions:

1. Review BMC advisory 000441965. 2. Apply the provided security fix. 3. Verify file permissions are corrected. 4. Consider upgrading to supported versions if using out-of-support software.

🔧 Temporary Workarounds

Manual Permission Correction

all

Manually set restrictive permissions on sensitive SSL and policy files

chmod 600 /path/to/ssl/files/*
chmod 600 /path/to/keystore/files/*
chmod 600 /path/to/policy/files/*

🧯 If You Can't Patch

Implement strict access controls to limit local user access to Control-M/Agent systems
Monitor file access attempts to sensitive Control-M directories and alert on suspicious activity

🔍 How to Verify

Check if Vulnerable:

Check file permissions on SSL, keystore, and policy files in Control-M/Agent directories. Files should not be world-readable.

Check Version:

Check Control-M/Agent version using agent documentation or vendor tools

Verify Fix Applied:

Verify file permissions are restrictive (e.g., 600) and only accessible by necessary users/groups.

📡 Detection & Monitoring

Log Indicators:

Unauthorized file access attempts to Control-M directories
Changes to file permissions on sensitive Control-M files

Network Indicators:

Unexpected SSL/TLS certificate changes or authentication failures

SIEM Query:

source="*control-m*" AND (event="file_access" OR event="permission_change") AND (file_path="*/ssl/*" OR file_path="*/keystore/*" OR file_path="*/policy/*")

📊 Metadata

CVE ID: CVE-2025-55111

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-276

EPSS Score: 0.01% exploit probability (1.1th percentile)

Published: September 16, 2025

Last Updated: September 29, 2025

🔗 References

https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000441965 Vendor Advisory
https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000442099 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-55111, you might also want to check these: