Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-2020 — HP Operations Agent vulnerability

15 documents7 sources

Severity

10.0CRITICALNVD

EPSS

82.3%

top 0.78%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

HP Operations Agent Msrc Windows 10 Msrc Windows 10 Version 1607 +15 more

Timeline

PublishedJul 11

Latest updateMay 13

Description

Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages18 packages

▶NVDhp/operations_agent11.0+12

▶msrcmsrc/windows_7

▶msrcmsrc/windows_10

▶msrcmsrc/windows_8.1

▶msrcmsrc/windows_rt_8.1

🔴Vulnerability Details

GHSA

GHSA-4ffx-67pc-m57m: Unspecified vulnerability in HP Operations Agent before 11↗2022-05-13

▶

💥Exploits & PoCs

Exploit-DB

libupnp 1.6.18 - Stack-based buffer overflow (DoS)↗2020-11-27

▶

Exploit-DB

CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow↗2020-03-02

▶

Exploit-DB

Microsoft Windows 10 - Theme API 'ThemePack' File Parsing↗2020-01-29

▶

Exploit-DB

HP Operations Agent - Opcode 'coda.exe' 0x8c Buffer Overflow (Metasploit)↗2012-10-29

▶

Metasploit

HP Operations Agent Opcode coda.exe 0x8c Buffer Overflow↗

▶

🕵️Threat Intelligence

Unit42

Threat Brief: Microsoft DNS Server Wormable Vulnerability CVE-2020-1350↗2020-07-21

▶