Blogresponder

**Name of the Vulnerable Software and Affected Versions** BMC Patrol Agent version 9.0.10i **Description** An issue was discovered that could allow an attacker to elevate privileges to those of the "patrol" user by specially crafting a shared library .so file that will be loaded during execution of the best1collect.exe SUID binary, due to weak execution permissions. **Recommendations** For BMC Patrol Agent version 9.0.10i, consider restricting access to the best1collect.exe SUID binary to prevent exploitation until a fix is available. Additionally, monitor the system for any suspicious activity related to the loading of shared library .so files.