OMI Remote Code Execution Flaw Allows Attackers to Take Control of Systems
CVE-2024-21334

9.8CRITICAL

Key Information:

Vendor: Microsoft
Status: System Center Operations Manager (scom) 2019; System Center Operations Manager (scom) 2022; Open Management Infrastructure
Vendor: CVE Published:; 12 March 2024

Badges

👾 Exploit Exists

Summary

A vulnerability exists in the Open Management Infrastructure (OMI) that allows for remote code execution, potentially enabling an attacker to execute arbitrary code on affected systems. This can lead to unauthorized access, data manipulation, and other malicious activities if proper mitigation measures are not taken. Organizations utilizing OMI should prioritize reviewing their deployments and applying necessary updates to safeguard their systems.

Affected Version(s)

Open Management Infrastructure Unknown 16.0

System Center Operations Manager (SCOM) 2019 Unknown 10.19.0 < 10.19.1253.0

System Center Operations Manager (SCOM) 2022 Unknown 10.22.0 < 10.22.1070.0

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

EPSS Score

8% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Mar 13, 2024
👾
Exploit known to exist
Mar 13, 2024
Vulnerability published
Mar 12, 2024
Vulnerability Reserved
Dec 8, 2023