Home

Description

Memory corruptions can be remotely triggered in the Control-M/Agent when SSL/TLS communication is configured. The issue occurs in the following cases: * Control-M/Agent 9.0.20: SSL/TLS configuration is set to the non-default setting "use_openssl=n"; * Control-M/Agent 9.0.21 and 9.0.22: Agent router configuration uses the non-default settings "JAVA_AR=N" and "use_openssl=n".

PUBLISHED Reserved 2025-08-07 | Published 2025-09-16 | Updated 2025-09-16 | Assigner airbus




HIGH: 8.4CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:H/VA:H/SC:L/SI:L/SA:L

HIGH: 8.9CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:H

Problem types

CWE-122 Heap-based Buffer Overflow

CWE-125 Out-of-bounds Read

CWE-787 Out-of-bounds Write

CWE-191 Integer Underflow (Wrap or Wraparound)

CWE-665 Improper Initialization

CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

CWE-415 Double Free

CWE-416 Use After Free

Product status

Default status
affected

9.0.22.000 (semver)
affected

9.0.21 (semver)
affected

9.0.20 (semver)
affected

9.0.19 (semver)
affected

9.0.18 (semver)
affected

Credits

Airbus SAS - Jean-Romain Garnier - seclab@airbus.com finder

References

bmcapps.my.site.com/.../sc_KnowledgeArticle?sfdcid=000442099 vendor-advisory

bmcapps.my.site.com/.../sc_KnowledgeArticle?sfdcid=000441972 mitigation

cve.org (CVE-2025-55118)

nvd.nist.gov (CVE-2025-55118)

Download JSON