Software Engineering Institute

According to ZDI's advisory for ZDI-15-363, which has been assigned CVE-2015-7860:

"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Client Automation. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the Hewlett-Packard Client Automation agent. An attacker can send a large buffer of data to the agent which will cause a stack buffer overflow. An attacker can leverage this vulnerability to execute code under the context of the SYSTEM."

"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Client Automation. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the Hewlett-Packard Client Automation agent. An attacker can send arbitrary commands to the agent. An attacker can leverage this vulnerability to execute code under the context of the SYSTEM."

An unauthenticated remote attacker may be able to execute arbitrary code with SYSTEM privileges.

Apply an update

Accelerite previously released a hotfix and advisory for this issue in previous versions of HP Client Automation and Radia Client Automation. Affected users may contact Accelerite for hotfix information.

Persistent has addressed the issues in the latest build of Radia Client Automation version 9.1. Affected users are encouraged to update as soon as possible.