CVE-2026-2123 - Vulnerability Details - OpenCVE

A security audit identified a privilege escalation vulnerability in Operations Agent(<=OA 12.29) on Windows. Under specific conditions Operations Agent may run executables from specific writeable locations.Thanks to Manuel Rickli & Philippe Leiser of Oneconsult AG for reporting this vulnerability

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction Passive

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact High

Subsequent System Integrity Impact High

Subsequent System Availability Impact High

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable no

Technical Impact total

No data.

No data.

No data.

No data.

References

Link	Providers
https://portal.microfocus.com/s/article/KM000046068

History

Tue, 31 Mar 2026 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 31 Mar 2026 17:30:00 +0000

Type	Values Removed	Values Added
Description		A security audit identified a privilege escalation vulnerability in Operations Agent(<=OA 12.29) on Windows. Under specific conditions Operations Agent may run executables from specific writeable locations.Thanks to Manuel Rickli & Philippe Leiser of Oneconsult AG for reporting this vulnerability
Title		Privilege escalation vulnerability in Operations Agent
Weaknesses		CWE-280
References		https://portal.microfocus.com/s/article/KM000046068
Metrics		cvssV4_0 `{'score': 8.6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}`

MITRE

Status: PUBLISHED

Assigner: OpenText

Published: 2026-03-31T17:18:43.202Z

Updated: 2026-03-31T18:00:56.901Z

Reserved: 2026-02-06T14:55:51.920Z

Link: CVE-2026-2123

Vulnrichment

Updated: 2026-03-31T18:00:14.961Z

NVD

Status : Received

Published: 2026-03-31T18:16:46.293

Modified: 2026-03-31T18:16:46.293

Link: CVE-2026-2123

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2123", "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84", "state": "PUBLISHED", "assignerShortName": "OpenText", "dateReserved": "2026-02-06T14:55:51.920Z", "datePublished": "2026-03-31T17:18:43.202Z", "dateUpdated": "2026-03-31T18:00:56.901Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "f81092c5-7f14-476d-80dc-24857f90be84", "shortName": "OpenText", "dateUpdated": "2026-03-31T17:18:43.202Z"}, "title": "Privilege escalation vulnerability in Operations Agent", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-280", "description": "CWE-280 Improper handling of insufficient permissions or privileges", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-122", "descriptions": [{"lang": "en", "value": "CAPEC-122 Privilege Abuse"}]}], "affected": [{"vendor": "OpenText", "product": "Operations Agent", "platforms": ["Windows"], "collectionURL": "https://gitlab.otxlab.net/itom/opr/oa/OvEaAgt", "packageName": "OvEaAgt", "repo": "https://gitlab.otxlab.net/itom/opr/oa/OvEaAgt", "modules": ["libopc_r"], "programFiles": ["ntproc.c"], "versions": [{"status": "affected", "version": "OA 12.22", "lessThanOrEqual": "OA 12.29", "changes": [{"at": "OA 12.30", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "A security audit identified a privilege escalation\nvulnerability in Operations Agent(<=OA 12.29) on Windows. Under specific conditions\nOperations Agent may run executables from specific writeable locations.Thanks to Manuel Rickli & Philippe Leiser of\nOneconsult AG for reporting this vulnerability", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<div><p>A security audit identified a privilege escalation\nvulnerability in Operations Agent(<=OA 12.29) on Windows. Under specific conditions\nOperations Agent may run executables from specific writeable locations.<span>Thanks to Manuel Rickli & Philippe Leiser of\nOneconsult AG for reporting this vulnerability</span></p></div>"}]}], "tags": ["x_oa_privilege_escalation"], "references": [{"url": "https://portal.microfocus.com/s/article/KM000046068", "tags": ["customer-entitlement"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.6, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"}}], "solutions": [{"lang": "en", "value": "The hotfix can be downloaded from the\u00a0 Marketplace https://marketplace.opentext.com/itom/content/operations-agent-hotfix-for-cve-2026-2123-privilege-escalation/ \u00a0for the OA versions mentioned below.\u00a0\n\nPlease follow the readme.txt\nincluded in the hotfix zip file for\u00a0install instructions.\u00a0\n\nOA 12.24 - HFWIN_1224028.tar,\nHFWIN_1224029.tar\n\nOA 12.25 -\nHFWIN_1225045.tar,HFWIN_1225046.tar\u00a0\n\nOA 12.26 - HFWIN_1226039.tar,\nHFWIN_1226040.tar\n\nOA 12.27 - HFWIN_1227023.tar,\nHFWIN_1227024.tar\n\nOA 12.28 - HFWIN_1228020.tar,\nHFWIN_1228021.tar\n\nOA 12.29 - HFWIN_1229006.tar,\nHFWIN_1229007.tar", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>The hotfix can be downloaded from the <a href=\"https://marketplace.opentext.com/itom/content/operations-agent-hotfix-for-cve-2026-2123-privilege-escalation/\" title=\"https://marketplace.opentext.com/itom/content/operations-agent-hotfix-for-cve-2026-2123-privilege-escalation/\">Marketplace</a> for the OA versions mentioned below. </p><p>Please follow the readme.txt\nincluded in the hotfix zip file for install instructions. </p><p>OA 12.24 - HFWIN_1224028.tar,\nHFWIN_1224029.tar</p><p>OA 12.25 -\nHFWIN_1225045.tar,HFWIN_1225046.tar </p><p>OA 12.26 - HFWIN_1226039.tar,\nHFWIN_1226040.tar</p><p>OA 12.27 - HFWIN_1227023.tar,\nHFWIN_1227024.tar</p><p>OA 12.28 - HFWIN_1228020.tar,\nHFWIN_1228021.tar</p><p>OA 12.29 - HFWIN_1229006.tar,\nHFWIN_1229007.tar</p><p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n</p><p> </p>"}]}], "source": {"defect": ["2761008"], "advisory": "2761008", "discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-31T17:58:14.103027Z", "id": "CVE-2026-2123", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T18:00:56.901Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2123", "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84", "state": "PUBLISHED", "assignerShortName": "OpenText", "dateReserved": "2026-02-06T14:55:51.920Z", "datePublished": "2026-03-31T17:18:43.202Z", "dateUpdated": "2026-03-31T18:00:56.901Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "f81092c5-7f14-476d-80dc-24857f90be84", "shortName": "OpenText", "dateUpdated": "2026-03-31T17:18:43.202Z"}, "title": "Privilege escalation vulnerability in Operations Agent", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-280", "description": "CWE-280 Improper handling of insufficient permissions or privileges", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-122", "descriptions": [{"lang": "en", "value": "CAPEC-122 Privilege Abuse"}]}], "affected": [{"vendor": "OpenText", "product": "Operations Agent", "platforms": ["Windows"], "collectionURL": "https://gitlab.otxlab.net/itom/opr/oa/OvEaAgt", "packageName": "OvEaAgt", "repo": "https://gitlab.otxlab.net/itom/opr/oa/OvEaAgt", "modules": ["libopc_r"], "programFiles": ["ntproc.c"], "versions": [{"status": "affected", "version": "OA 12.22", "lessThanOrEqual": "OA 12.29", "changes": [{"at": "OA 12.30", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "A security audit identified a privilege escalation\nvulnerability in Operations Agent(<=OA 12.29) on Windows. Under specific conditions\nOperations Agent may run executables from specific writeable locations.Thanks to Manuel Rickli & Philippe Leiser of\nOneconsult AG for reporting this vulnerability", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<div><p>A security audit identified a privilege escalation\nvulnerability in Operations Agent(<=OA 12.29) on Windows. Under specific conditions\nOperations Agent may run executables from specific writeable locations.<span>Thanks to Manuel Rickli & Philippe Leiser of\nOneconsult AG for reporting this vulnerability</span></p></div>"}]}], "tags": ["x_oa_privilege_escalation"], "references": [{"url": "https://portal.microfocus.com/s/article/KM000046068", "tags": ["customer-entitlement"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.6, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"}}], "solutions": [{"lang": "en", "value": "The hotfix can be downloaded from the\u00a0 Marketplace https://marketplace.opentext.com/itom/content/operations-agent-hotfix-for-cve-2026-2123-privilege-escalation/ \u00a0for the OA versions mentioned below.\u00a0\n\nPlease follow the readme.txt\nincluded in the hotfix zip file for\u00a0install instructions.\u00a0\n\nOA 12.24 - HFWIN_1224028.tar,\nHFWIN_1224029.tar\n\nOA 12.25 -\nHFWIN_1225045.tar,HFWIN_1225046.tar\u00a0\n\nOA 12.26 - HFWIN_1226039.tar,\nHFWIN_1226040.tar\n\nOA 12.27 - HFWIN_1227023.tar,\nHFWIN_1227024.tar\n\nOA 12.28 - HFWIN_1228020.tar,\nHFWIN_1228021.tar\n\nOA 12.29 - HFWIN_1229006.tar,\nHFWIN_1229007.tar", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>The hotfix can be downloaded from the <a href=\"https://marketplace.opentext.com/itom/content/operations-agent-hotfix-for-cve-2026-2123-privilege-escalation/\" title=\"https://marketplace.opentext.com/itom/content/operations-agent-hotfix-for-cve-2026-2123-privilege-escalation/\">Marketplace</a> for the OA versions mentioned below. </p><p>Please follow the readme.txt\nincluded in the hotfix zip file for install instructions. </p><p>OA 12.24 - HFWIN_1224028.tar,\nHFWIN_1224029.tar</p><p>OA 12.25 -\nHFWIN_1225045.tar,HFWIN_1225046.tar </p><p>OA 12.26 - HFWIN_1226039.tar,\nHFWIN_1226040.tar</p><p>OA 12.27 - HFWIN_1227023.tar,\nHFWIN_1227024.tar</p><p>OA 12.28 - HFWIN_1228020.tar,\nHFWIN_1228021.tar</p><p>OA 12.29 - HFWIN_1229006.tar,\nHFWIN_1229007.tar</p><p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n</p><p> </p>"}]}], "source": {"defect": ["2761008"], "advisory": "2761008", "discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2123", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-31T17:58:14.103027Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T18:00:14.961Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A security audit identified a privilege escalation\nvulnerability in Operations Agent(<=OA 12.29) on Windows. Under specific conditions\nOperations Agent may run executables from specific writeable locations.Thanks to Manuel Rickli & Philippe Leiser of\nOneconsult AG for reporting this vulnerability"}], "id": "CVE-2026-2123", "lastModified": "2026-03-31T18:16:46.293", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security@opentext.com", "type": "Secondary"}]}, "published": "2026-03-31T18:16:46.293", "references": [{"source": "security@opentext.com", "url": "https://portal.microfocus.com/s/article/KM000046068"}], "sourceIdentifier": "security@opentext.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-280"}], "source": "security@opentext.com", "type": "Primary"}]}