CVE-2026-8370

🔶 medium

Summary

Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLinux (zSeries), AIX, Solaris x64, Solaris Sparc 64 allows Privilege Escalation, Target Programs with Elevated Privileges. This issue affects Automic Automation: < 24.4.4 HF1.

CVSS Score

EPSS Score

Published Date

2026-05-19

First Seen: 2026-05-20

🎯 CISA SSVC Assessment Updated: May 19, 2026

🔍 Exploitation Status

None

No known exploits

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Total

Complete system compromise possible

🏆 Discovered By

David Suchy, Citadelo (citadelo.com)

SSVC data provided by CISA

Last Modified 2026-05-19

Source NVD 🔗

CVSS Vector 4.0

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE IDs (Weakness Types)

CWE-250

CVE-2026-8370

Summary

🎯 CISA SSVC Assessment Updated: May 19, 2026

📦 Affected Products 0

🔗 References 1