Privilege Escalation Vulnerability in Broadcom Automic Automation Agent on Unix Systems
CVE-2026-8370

8.5HIGH

Key Information:

Vendor: Broadcom
Status: Automic Automation
Vendor: CVE Published:; 19 May 2026

What is CVE-2026-8370?

A vulnerability in the Broadcom Automic Automation Agent for Unix platforms allows attackers to execute programs with unnecessary elevated privileges. This can lead to unauthorized access and control over the affected systems. Specifically, the vulnerability affects versions prior to 24.4.4 HF1 across multiple Unix environments, including Linux and AIX, highlighting the need for immediate updates to secure systems against potential exploits.

Affected Version(s)

Automic Automation Linux x64 < 24.4.4 HF1 < 24.4.4 HF1

Automic Automation Linux x64 24.4.4 HF1 or later

Automic Automation Linux x64 26.0.0

References

https://support.broadcom.com/web/ecx/support-content-noti...

vendor-advisory

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 19, 2026
Vulnerability Reserved
May 11, 2026

Credit

David Suchy, Citadelo (citadelo.com)

CVE-2026-8370 Data

JSON