CVE-2025-55109 is an authentication bypass vulnerability classified under CWE-295 (Improper Certificate Validation) affecting BMC Control-M/Agent versions 9.0.18 through 9.0.20 and potentially earlier unsupported versions. The vulnerability stems from the improper handling of client authentication certificates when the Control-M/Agent uses either an empty or default kdb keystore or a default PKCS#12 keystore. Specifically, the agent trusts hardcoded fallback certificates if the kdb keystore is empty; these certificates are expired but still accepted under certain conditions. Additionally, the default keystores contain trusted third-party certificates, including external recognized certificate authorities and self-signed demo certificates, which are accepted for client authentication. This flawed trust model allows a remote attacker possessing a signed third-party or demo certificate to bypass the requirement for a certificate signed by the organization's certificate authority, effectively circumventing authentication controls. The vulnerability does not require prior authentication or user interaction and can be exploited remotely over the network. The CVSS 4.0 vector indicates network attack vector, high attack complexity, partial attack prerequisites, no privileges required, no user interaction, and high impacts on confidentiality, integrity, and availability, resulting in a critical severity score of 9.5. Although no known exploits are currently reported in the wild, the presence of expired and default trusted certificates combined with improper validation makes this a high-risk vulnerability. The affected Control-M/Agent versions are out of official support, complicating patch availability and increasing exposure. Organizations relying on these versions for workload automation and job scheduling should consider immediate mitigation steps and upgrade paths.

The impact of CVE-2025-55109 is severe for organizations worldwide using affected versions of BMC Control-M/Agent. Successful exploitation allows remote attackers to bypass authentication mechanisms, granting unauthorized access to the agent. This can lead to unauthorized job scheduling, manipulation of automated workflows, data exfiltration, or disruption of critical business processes. The compromise of Control-M/Agent could also serve as a pivot point for lateral movement within enterprise networks, potentially exposing sensitive systems and data. Given the high availability and integrity impacts, organizations may face operational downtime, financial losses, and reputational damage. The vulnerability is particularly critical because it requires no user interaction and no prior credentials, increasing the likelihood of exploitation once discovered. The lack of official support and patches for affected versions exacerbates the risk, as organizations may struggle to remediate promptly. Industries relying heavily on Control-M for automation, such as finance, healthcare, manufacturing, and government, are at heightened risk of operational disruption and data breaches.

1. Upgrade to the latest supported version of BMC Control-M/Agent where this vulnerability is addressed. If an upgrade is not immediately possible, consider isolating affected agents from untrusted networks to reduce exposure. 2. Replace default or empty kdb and PKCS#12 keystores with properly configured keystores containing only trusted certificates signed by the organization's certificate authority. Remove any hardcoded or demo certificates from the keystores. 3. Implement network-level access controls such as firewalls and VPNs to restrict access to Control-M/Agent interfaces only to authorized management systems. 4. Monitor Control-M/Agent logs and network traffic for unusual authentication attempts or connections using third-party or demo certificates. 5. Employ multi-factor authentication and additional layers of identity verification where possible to supplement certificate-based authentication. 6. Conduct regular audits of certificate stores and authentication configurations to ensure compliance with security policies. 7. Engage with BMC support or security advisories for any available patches or workarounds and apply them promptly. 8. Develop and test incident response plans specifically addressing potential Control-M/Agent compromise scenarios.