cvedb.io
CVE-2026-2123
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2026-03-31T18:16:46.293 · Last modified 2026-06-17T10:30:21.740

Summary

A security audit identified a privilege escalation vulnerability in Operations Agent(<=OA 12.29) on Windows. Under specific conditions Operations Agent may run executables from specific writeable locations.Thanks to Manuel Rickli & Philippe Leiser of Oneconsult AG for reporting this vulnerability

Affected products

microfocus — operations_agent

Does this affect you?

Add your gear to cvedb and we'll alert you only when microfocus ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.