CVE-2025-55110

EUVD-2025-29573
Control-M/Agents use a kdb or PKCS#12 keystore by default, and the default keystore password is well known and documented.

An attacker with read access to the keystore could access sensitive data using this password.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
airbusCNA
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
bmccontrol-m\/agent
9.0.22
CNA
bmccontrol-m\/agent
9.0.21
CNA
bmccontrol-m\/agent
9.0.20
CNA
bmccontrol-m\/agent
9.0.19
CNA
bmccontrol-m\/agent
9.0.18
CNA
Common Weakness Enumeration
References
https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000441964
https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000442099