Multiple vulnerabilities in Microsoft System Center

Description

Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Open Management Infrastructure (OMI) can be exploited remotely to execute arbitrary code.
2. An elevation of privilege vulnerability in Open Management Infrastructure (OMI) can be exploited remotely to gain privileges.
3. A security feature bypass vulnerability in Microsoft Defender can be exploited remotely to bypass security restrictions.

Original advisories

• CVE-2024-21334

• CVE-2024-21330
• CVE-2024-20671

Exploitation

Public exploits exist for this vulnerability.

Related products

• Microsoft-Windows
• Microsoft-System-Center-Operations-Manager
• Windows-Defender

CVE list

• CVE-2024-21334
  critical
• CVE-2024-21330
  critical
• CVE-2024-20671
  high

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com