Open Management Infrastructure (OMI) Remote Code Execution Vulnerability
The vulnerability is classified as CWE-416 (use-after-free), meaning that an attacker can cause the OMI process to reference a memory area that has already been freed. Through the network, without any required privileges, it is possible to trigger unpredictable behavior of the process and gain control over code execution. The attack vector is network-based and attack complexity is low, which means a low barrier to entry for a potential attacker.
Successful exploitation of this vulnerability allows an attacker to execute arbitrary code remotely (RCE) in the context of the OMI process, which may lead to complete system takeover, violation of data confidentiality and integrity, and loss of service availability.
Patches available from the vendor should be applied according to references — update described in Microsoft Security Response Center at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21334
Microsoft Open Management Infrastructure and Microsoft System Center Operations Manager — versions indicated in vendor references
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HMicrosoft Open Management Infrastructure
APPMicrosoft< 1.8.1-0Microsoft System Center Operations Manager
APPMicrosoft20192022
Related vulnerabilities
Open Management Infrastructure Remote Code Execution Vulnerability
Open Management Infrastructure Elevation of Privilege Vulnerability
Open Management Infrastructure Elevation of Privilege Vulnerability
Open Management Infrastructure Elevation of Privilege Vulnerability
Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privile...