CA20260519-01: Security Notice for Automic Automation Agent Unix
37512
19 May 2026
19 May 2026
CLOSED
HIGH
8.5
CVE-2026-8370
Issued: 2026-05-19
Broadcom is alerting customers to a vulnerability in Automic Automation Agent Unix.
CVE-2026-8370 - a vulnerability exists in the Automic Automation Agent Unix that allows low-privileged users with execution rights on the agent executable to escalate their privileges.
Risk Rating
CVSS v4.0 Score: 8.5 / High
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
Platform(s)
Linux (x64, Power 64 BE/LE), zLinux (zSeries), AIX, Solaris (x64, Sparc 64)
Affected Products
Linux (Power 64 BE), zLinux (zSeries), Solaris (x64, Sparc 64):
Automic Automation Agent Unix < 24.4.4 HF1
Non-Affected Products
Linux (x64, Power 64 LE), AIX:
Automic Automation Agent Unix 24.0.0 or later
Linux (Power 64 BE), zLinux (zSeries), Solaris (x64, Sparc 64):
Automic Automation Agent Unix 24.4.4 HF1 or later
Automic Automation Agent Unix 26.0.0 or later
How to determine if the installation is affected
Via UI (AWI):
Check the agent version and hotfix level in client 0 in the Administration view -> Agents & Groups -> Agents.
Via Agent log:
Check the agent version and hotfix level in the first line of the log.
Furthermore, if the message 'U02000090 Java Runtime Environment version:' exists, the Agent is unaffected.
Via DB query:
Run the following select statement and check the agent version and hotfix level in the column 'host_version':
select OH.OH_Name, HOST.HOST_Version, HOST.HOST_JCLVar, HOST.HOST_HTYP_HW, HOST_HTYP_SW from OH, HOST
where OH.OH_Idnr = HOST.HOST_OH_Idnr and HOST.HOST_Unicode = 0 and HOST.HOST_JCLVar = 'UNIX' and HOST.HOST_Version is not null
Solution
Broadcom published the following solutions to address the vulnerability:
Automic Automation 24.4.4 HF1
Automic Automation 26.0.0
How to determine if the fix is applied
After installing the fix and restarting the agent, check if the fix is applied:
Via UI (AWI):
Check the agent version and hotfix level in client 0 in the Administration view -> Agents & Groups -> Agents.
Via Agent log:
Check the agent version and hotfix level in the first line of the log.
Furthermore, if the message 'U02000090 Java Runtime Environment version:' exists, the Agent is unaffected.
Via DB query:
Run the following select statement and check the agent version and hotfix level in the column 'host_version':
select OH.OH_Name, HOST.HOST_Version, HOST.HOST_JCLVar, HOST.HOST_HTYP_HW, HOST_HTYP_SW from OH, HOST
where OH.OH_Idnr = HOST.HOST_OH_Idnr and HOST.HOST_Unicode = 0 and HOST.HOST_JCLVar = 'UNIX' and HOST.HOST_Version is not null
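Added example (not Broadcom's code): a triage helper that applies this notice's platform/version matrix and the 'U02000090' log check to rows exported from the query above, for both the affected check and the fix check. The platform labels, the accepted version-string formats and the sample rows are assumptions made for the example.

```python
import re

# Platform labels are constructed for this example; map your inventory's
# hardware/software columns onto them yourself.
UNAFFECTED_FROM_24_0_0 = {"linux-x64", "linux-ppc64le", "aix"}
UNAFFECTED_FROM_24_4_4_HF1 = {"linux-ppc64be", "zlinux", "solaris-x64", "solaris-sparc64"}

JRE_MARKER = "U02000090 Java Runtime Environment version:"  # quoted in the notice

# Assumption: the version string holds "major.minor.patch" and, optionally, a
# hotfix number introduced by "hf" (e.g. "24.4.4 HF1" or "24.4.4+hf.1").
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:\D*?hf\D*?(\d+))?", re.IGNORECASE)


def parse_version(text):
    """Return (major, minor, patch, hotfix), or None if no version is found."""
    m = _VERSION_RE.search(text or "")
    if not m:
        return None
    return tuple(int(g) if g else 0 for g in m.groups())


def classify(platform, host_version, agent_log=""):
    """Return 'affected', 'unaffected', 'unlisted' or 'unknown' for one agent."""
    if JRE_MARKER in agent_log:
        return "unaffected"  # the notice treats this log message as decisive
    version = parse_version(host_version)
    if version is None:
        return "unknown"  # unparseable version: check this agent by hand
    if platform in UNAFFECTED_FROM_24_4_4_HF1:
        return "unaffected" if version >= (24, 4, 4, 1) else "affected"
    if platform in UNAFFECTED_FROM_24_0_0:
        # The notice lists 24.0.0 or later as non-affected and is silent below that.
        return "unaffected" if version >= (24, 0, 0, 0) else "unlisted"
    return "unknown"


def triage(rows):
    """rows: iterable of (agent name, platform label, HOST_Version value)."""
    return {name: classify(platform, version) for name, platform, version in rows}


# Constructed sample rows, not real inventory data.
SAMPLE_ROWS = [
    ("AGT_SOL01", "solaris-sparc64", "24.4.4"),
    ("AGT_ZLX01", "zlinux", "24.4.4 HF1"),
    ("AGT_LNX01", "linux-x64", "21.0.9"),
]

if __name__ == "__main__":
    for name, status in triage(SAMPLE_ROWS).items():
        print(f"{name}: {status}")
```

Agents reported as 'unlisted' or 'unknown' fall outside what the notice states and need a manual check.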
References
CVE-2026-8370 - Automic Automation Agent Unix privilege escalation
Acknowledgement
CVE-2026-8370 - David Suchy, Citadelo (citadelo.com)
Change History
Version 1.0: 2026-05-19 - Initial Release
Broadcom customers may receive product alerts and advisories by subscribing to Product Notifications.
Customers who require additional information about this notice may contact Broadcom Support at https://support.broadcom.com/.
To report a suspected vulnerability in a Broadcom product, please contact the Broadcom Product Security Incident Response Team.