Vulnerabilities

CVE-2025-55112

by Fred · 16/09/2025

Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 (and potentially earlier unsupported versions) that are configured to use the non-default Blowfish cryptography algorithm use a hardcoded key. An attacker with access to network traffic and to this key could decrypt network traffic between the Control-M/Agent and Server.

More information : https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000441966

Similar

Tags: Cybersecurity Alert