CVE-2019-17044

HIGH

BMC Patrol Agent 9.0.10i - Local Privilege Escalation via SUID Binary Shared Library Injection

Title source: llm
STIX 2.1

Description

An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the PatrolAgent SUID binary could allow an attacker with "patrol" privileges to elevate his/her privileges to the ones of the "root" user by specially crafting a shared library .so file that will be loaded during execution.

Scores

CVSS v3 7.8
EPSS 0.0039
EPSS Percentile 31.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-276
Status published
Products (1)
bmc/patrol_agent 9.0.10i
Published Oct 14, 2019
Tracked Since Feb 18, 2026