A critical security vulnerability, CVE-2024-21334, has been discovered in the Open Management Infrastructure (OMI) that can lead to remote code execution. The CVE was released on Mar 12, 2024 and is attributed to Microsoft, with a maximum severity level categorized as “Important” according to the Common Vulnerability Scoring System. The impact on confidentiality, integrity, and availability is rated high, and report confidence is confirmed.
The risk of exploitation is greatest when affected Linux machines have network listening enabled for OMI incoming ports. A remote, unauthenticated attacker could exploit a use-after-free vulnerability by sending specially crafted requests to the OMI instance from the Internet. To protect against this risk, affected versions of System Center Operations Manager (SCOM) must be updated to OMI version 1.8.1-0.
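The two conditions above (an OMI version older than 1.8.1-0, and network listening enabled) can be turned into a patch-priority check over inventory data. The following is an added example, not code from Microsoft or the OMI project; the host names, versions, ports and the classification labels are constructed assumptions.

```python
"""Triage hosts for CVE-2024-21334 from inventory data (constructed sample)."""
import re
from typing import NamedTuple

FIXED = "1.8.1-0"  # fixed OMI version named in the text above


class Host(NamedTuple):
    name: str               # hypothetical host name
    omi_version: str        # version string as collected by your inventory tool
    listening_ports: tuple  # TCP ports OMI accepts connections on; () if none


def parse_version(text: str) -> tuple:
    """Turn 'MAJOR.MINOR.PATCH-BUILD' into ints so 1.10.0 sorts above 1.8.1."""
    m = re.fullmatch(r"\s*v?(\d+)\.(\d+)\.(\d+)(?:-(\d+))?\s*", text)
    if not m:
        raise ValueError(f"unrecognised OMI version: {text!r}")
    return tuple(int(g or 0) for g in m.groups())


def triage(host: Host) -> str:
    """Return 'patched', 'vulnerable', 'vulnerable-exposed' or 'unknown'."""
    try:
        patched = parse_version(host.omi_version) >= parse_version(FIXED)
    except ValueError:
        return "unknown"  # unparsable version: verify by hand, never assume safe
    if patched:
        return "patched"
    # Below the fixed version: a network listener makes the host remotely reachable.
    return "vulnerable-exposed" if host.listening_ports else "vulnerable"


ORDER = ["vulnerable-exposed", "vulnerable", "unknown", "patched"]


def prioritise(inventory: list) -> list:
    """Sort (host name, status) pairs so the most urgent hosts come first."""
    rows = [(h.name, triage(h)) for h in inventory]
    return sorted(rows, key=lambda r: ORDER.index(r[1]))


# Constructed sample inventory, not real hosts.
INVENTORY = [
    Host("agent-01", "1.8.1-0", (5986,)),
    Host("agent-02", "1.7.3-0", (5986,)),
    Host("agent-03", "1.6.12-1", ()),
    Host("agent-04", "not installed?", ()),
]

if __name__ == "__main__":
    for name, status in prioritise(INVENTORY):
        print(f"{name}: {status}")
```

Comparing the version components as integers matters here: a plain string comparison would rank a hypothetical 1.10.0-0 below 1.8.1-0 and report a patched host as vulnerable.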
The vulnerability was identified and reported by Wei in Kunlun Lab with Cyber KunLun, an example of the collaboration between the security community and organizations like Microsoft in safeguarding users through coordinated vulnerability disclosure. Organizations should prioritize applying the official fix and adopt preventive measures to mitigate the risks associated with the OMI Remote Code Execution vulnerability.