CVE-2026-20967

Published: Mar 10, 2026 Last Modified: Mar 13, 2026
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 8,8
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high

Description

AI Translation Available

Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0009
Percentile
0,2th
Updated

EPSS Score Trend (Last 6 Days)

20

Improper Input Validation

Stable
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Confidentiality Integrity
Potential Impacts:
Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Read Memory Read Files Or Directories Modify Memory Execute Unauthorized Code Or Commands
Applicable Platforms
All platforms may be affected
Likelihood of Exploit: High
View CWE Details
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2019
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_2_hotfix:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2025
cpe:2.3:a:microsoft:system_center_operations_manager:2025:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2019
cpe:2.3:a:microsoft:system_center_operations_manager:2019:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2019
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_4_hotfix:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2019
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_1_hotfix:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2019
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_5_hotfix:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2019
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_1:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2022
cpe:2.3:a:microsoft:system_center_operations_manager:2022:update_rollup_2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2019
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_4:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2019
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2022
cpe:2.3:a:microsoft:system_center_operations_manager:2022:update_rollup_1:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2022
cpe:2.3:a:microsoft:system_center_operations_manager:2022:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2025
cpe:2.3:a:microsoft:system_center_operations_manager:2025:update_rollup_1:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2019
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_5:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2019
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_6:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2022
cpe:2.3:a:microsoft:system_center_operations_manager:2022:update_rollup_2_hotfix:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2019
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_3:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2019
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_3_hotfix:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2022
cpe:2.3:a:microsoft:system_center_operations_manager:2022:update_rollup_3:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

System Center Operations Manager by Microsoft

Product Information
Vendor Microsoft
Product System Center Operations Manager
Version 2022
cpe:2.3:a:microsoft:system_center_operations_manager:2022:update_rollup_1_hotfix:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2…
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20967