BMC Control-M/Agent Buffer Overflow & Memory Corruption in SSL/TLS (CVE-2025-55117/118)

Critical Vulnerability Information Vulnerability IDs CVE-2025-55117: Control-M/Agent buffer overflow in SSL/TLS communication CVE-2025-55118: Control-M/Agent memory corruption in SSL/TLS communication Affected Versions Control-M/Agent 9.0.22 and lower Vulnerability Severity CVE-2025-55117: Medium (5.3) CVE-2025-55118: High (8.9) Vulnerability Description CVE-2025-55117: When SSL/TLS communication is configured, Control-M/Agent may trigger a remote buffer overflow during error message formatting. CEV-2025-55118: When SSL/TLS communication is configured, Control-M/Agent may suffer from memory corruption. Conditions for Exploitation For Control-M/Agent 9.0.21 and 9.0.22: If the Agent configuration sets "JAVA_AR=N" in the CONFIG.dat file and "use_openssl" is set to "N" in the site.plc file. For Control-M/Agent 9.0.20 and earlier: If SSL/TLS configuration sets "use_openssl" to a non-default value in the site.plc file. Remediation Steps 1. Identify Control-M/Agents Using SSL/TLS Communication - Open Control-M Configuration Manager (CCM). - If the SSL column is not visible, right-click any column header and select “Column chooser”. - Drag the “SSL” column into the column view. - Select each Control-M/Server and view Control-M Agents in the middle pane. - In the “Type” column header, set the filter to “Control-M Agent”. - Sort by the SSL column; any agent with SSL set to “Enabled” requires action. - Create a file listing these agents by selecting “Export List” from the top dropdown menu. 2. For All Control-M/Agents 9.0.21 and 9.0.22 with SSL/TLS Enabled - Run a command to check the “JAVA_AR” parameter value. - If set to “Y”, no further action is needed. - If set to “N”, change the value to “Y” and run the update command. - Backup the CONFIG.dat file and recycle the Control-M/Agent to apply configuration changes. 3. For All Control-M/Agents 9.0.20 and Earlier with SSL/TLS Enabled - Upgrade to a fully supported Control-M/Agent version. - Alternatively, check and correct the “use_openssl” parameter value: - Windows: Use registry query to check and correct the “use_openssl” value. - UNIX/Linux: Use the grep command to check and correct the “use_openssl” value in the site.plc file.

Goal Reached Thanks to every supporter — we hit 100%!

BMC Control-M/Agent Buffer Overflow & Memory Corruption in SSL/TLS (CVE-2025-55117/118)