CVE-2026-20967

Summary

Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network.

Affected Software

VendorProductVersion RangeStatus
MicrosoftSystem Center Operations Manager 201910.19.0 < 10.19.10658.0affected
MicrosoftSystem Center Operations Manager 202210.22.0 < 10.22.11951.0affected
MicrosoftSystem Center Operations Manager 20251.0.0 < 10.25.10377.0affected

Weaknesses

  • CWE-20: CWE-20: Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References