Vulnerability Note VU#966927
HP Client Automation and Radia Client Automation is vulnerable to remote code execution
Radia Client Automation (previously sold under the name HP Client Automation) agent prior to version 9.1 is vulnerable to arbitrary remote code execution.
According to ZDI's advisory for ZDI-15-363, which has been assigned CVE-2015-7860:
"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Client Automation. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the Hewlett-Packard Client Automation agent. An attacker can send a large buffer of data to the agent which will cause a stack buffer overflow. An attacker can leverage this vulnerability to execute code under the context of the SYSTEM."
According to ZDI's advisory for ZDI-15-364, which has been assigned CVE-2015-7861:
The specific flaw exists within the Hewlett-Packard Client Automation agent. An attacker can send arbitrary commands to the agent. An attacker can leverage this vulnerability to execute code under the context of the SYSTEM."
These vulnerabilities impact the Role-Based Access and Remote Notify features of HP Client Automation.
Since 2013, the HP Client Automation software is now developed by Persistent Systems (and its subsidiary Accelerite) under the name Radia Client Automation.
An unauthenticated remote attacker may be able to execute arbitrary code with SYSTEM privileges.
Apply an update
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Hewlett-Packard Company||Affected||-||14 Oct 2015|
|Persistent Systems||Affected||-||14 Aug 2017|
CVSS Metrics (Learn More)
This document was written by Garret Wassermann.
- CVE IDs: CVE-2015-7860 CVE-2015-7861
- Date Public: 20 Jul 2015
- Date First Published: 20 Oct 2015
- Date Last Updated: 14 Aug 2017
- Document Revision: 32
If you have feedback, comments, or additional information about this vulnerability, please send us email.