High severity7.8NVD Advisory· Published Mar 31, 2026· Updated Apr 3, 2026
CVE-2026-2123
CVE-2026-2123
Description
A security audit identified a privilege escalation vulnerability in Operations Agent(<=OA 12.29) on Windows. Under specific conditions Operations Agent may run executables from specific writeable locations.Thanks to Manuel Rickli & Philippe Leiser of Oneconsult AG for reporting this vulnerability
Affected products
2cpe:2.3:a:microfocus:operations_agent:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microfocus:operations_agent:*:*:*:*:*:*:*:*range: >=12.22,<=12.29
- (no CPE)range: <=12.29
Patches
Vulnerability mechanics
References
1- portal.microfocus.com/s/article/KM000046068nvdVendor Advisory
News mentions
0No linked articles in our index yet.