cve 2026 20967

About this tag
CVE-2026-20967 is an authenticated, network-based elevation-of-privilege vulnerability in Microsoft System Center Operations Manager (SCOM). It stems from improper input validation, allowing a lower-privileged user to escalate privileges across the network. Microsoft addressed this flaw in a security update released on March 10, 2026, as part of its Patch Tuesday cycle. The vulnerability is relevant for enterprise IT administrators managing SCOM deployments, who should apply the update to mitigate the risk of privilege escalation attacks.
  1. SCOM CVE-2026-20967: Authenticated Network Privilege Escalation Patch

    Microsoft released a security update on March 10, 2026 addressing an authenticated, network-based elevation-of-privilege (EoP) vulnerability in System Center Operations Manager (SCOM) tracked as CVE-2026-20967 — a bug stemming from improper input validation that can allow an authorized but...