Antivirus reports PAM Transparent login executables as malicious
search cancel

Antivirus reports PAM Transparent login executables as malicious

book

Article ID: 373685

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

Antivirus software running on Windows RDP server reported these PAM EXE(s) (XsuiteTLAgent.exe, XsuiteTLLearnTool.exe and cv.exe) as malicious. How can it be addressed? 

 

 

 

Environment

All supported PAM (Privileged Access Manager) versions

Cause

Antivirus software might report these EXE(s) as malicious because they are not signed with a certificate. However, because they aren't signed currently does not make these executables vulnerable. 

Resolution

Broadcom will sign these EXE(s) (as they are associated with Broadcom's software) such that they are not automatically flagged by antivirus programs.  Exact PAM Release version and its release date for these signed EXE(s) has not yet been determined by Broadcom PAM management.

In the meantime, create an exception on these Transparent Login EXE(s) in the Antivirus software. 

Additional Information

The malicious designations of these EXE(s) are false positives evidenced by the fact that only a small number of popular scanners available on Google's virustotal.com report these  EXE(s) as a potential "generic" malware. 

 

 

Powered by Wolken Software