[BESAdmin-Announcements] BigFix Remote Control 10.1 FP3 is now available

Announcements for BES Administrators besadmin-announcements at bigmail.bigfix.com
Mon Jul 28 09:35:38 PDT 2025 

HCL Software is pleased to announce the availability of BigFix Remote
Control version 10.1 FP3



**Fixed vulnerabilities**

HCL BigFix Remote Control version 10.1.0 FP2 and before are affected by the
following security vulnerabilities:

- CVE-2025-31965: Standard users could view some Admin pages into the
Server.    Affected components: Remote Control Server.

- CVE-2024-13176: Timing side-channel in ECDSA signature computation
(OpenSSL). Affected components: Remote Control Target, Remote Control
Broker, Remote Control Gateway.


***Important Notice: AES 256 cryptographic algorithm enabled by default***

With the new version of IBM WAS Liberty, AES 256 is now the default
cryptographic algorithm, replacing AES 128 for stronger security.
To ensure seamless operation and leverage this enhanced encryption, we
highly recommend you regenerate your SAML Metadata.
If FIPS is enabled, this step is mandatory. You must regenerate your SAML
Metadata to encrypt passwords with AES 256, as AES 128 encrypted passwords
are no longer supported.
You can regenerate the SAML Metadata during the Remote Control Server
upgrade procedure by selecting the appropriate flag. After regenerating the
metadata, please remember to re-register with your Identity Provider.


 ***Resolved Defect Articles:***

*- *KB0119265: Remote control access shows a gray screen when connecting

- KB0119643: Broker crash issue

- KB0121115: Self-signed error for Root certificate with Reverse Proxy
enabled on the Broker

- KB0120278: Login disclaimer of the RC Server allows to bypass

- KB0122763: Increased CPU usage of the RC Server with duplicate GUIDs of
Unattended Targets



***Published site version:***

Remote Control, site version 80 (Build Number 10.1.0.0326)



With kind regards,

      The BigFix Remote Control Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20250728/aa35afab/attachment.html>

More information about the Besadmin-announcements mailing list