Exploitation Summary
EIP tracks 1 public exploit for CVE-2019-19231. PoCs published by hessandrew.
AI-analyzed exploit summary The repository contains only a README with a link to a security notice but no exploit code or technical details. It lacks any functional PoC or analysis.
Description
An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges.
Exploits (1)
nomisec
STUB
1 stars
by hessandrew · poc
https://github.com/hessandrew/CVE-2019-19231
The repository contains only a README with a link to a security notice but no exploit code or technical details. It lacks any functional PoC or analysis.
Classification
Stub 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target:
CA Client Automation Agent for Windows
No auth needed
devstral-2 · analyzed Feb 19, 2026
Full analysis →
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
https://techdocs.broadcom.com/us/product-content/recommended-reading/security-notices/CA20191218-01-security-notice-for-ca-client-automation-agent-for-windows.html
Mailing List, Third Party Advisory mailing-list
x_refsource_bugtraq
https://seclists.org/bugtraq/2019/Dec/41
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/155758/CA-Client-Automation-14.x-Privilege-Escalation.html
Mailing List, Third Party Advisory mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2020/Jan/5
Scores
CVSS v3
7.3
EPSS
0.0062
EPSS Percentile
45.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-65
Status
published
Products (4)
broadcom/ca_client_automation
14.0
broadcom/ca_client_automation
14.1
broadcom/ca_client_automation
14.2
broadcom/ca_client_automation
14.3
Published
Dec 20, 2019
Tracked Since
Feb 18, 2026