SCOM Linux – OMI Remote Code Execution Vulnerability – CVE-2024-21334

On 12th March 2024, Microsoft released new UNIX/Linux packages for both SCOM 2019 and SCOM 2022 for the OMI Remote Code Execution Vulnerability tracked as CVE-2024-21334.

Microsoft states:

“A remote unauthenticated attacker could access the OMI instance from the Internet and send specially crafted requests to trigger a use-after-free vulnerability.”

And as the advised action:

“Customers running affected versions of SCOM (System Center Operations Manager) should update to OMI version 1.8.1-0.”

Microsoft also states that “All customers using OMI with a version below 1.8.1-0 are impacted” and “All versions >= 1.8.1-0 are safe from these vulnerabilities”.
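The version rule quoted above can be checked mechanically on monitored hosts. The following shell script is an added example, not code from Microsoft or from the original post; it assumes the agent's OMI package is registered under the name `omi` and that version strings follow the MAJOR.MINOR.PATCH-RELEASE pattern of 1.8.1-0, and the sample versions in it are constructed.

```shell
#!/bin/sh
# Added example: classify OMI versions against the advisory's threshold.
# Below 1.8.1-0 is impacted; 1.8.1-0 and later is safe.
FIXED_OMI="1.8.1-0"

# Split MAJOR.MINOR.PATCH-RELEASE into four integers. The release separator
# may be "-" or "." (assumption: package tools can report either form).
omi_split() {
    case "$1" in ''|*[!0-9.-]*|*[.-]) return 1 ;; esac
    old_ifs=$IFS; IFS='.-'
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for f in "$@"; do [ -n "$f" ] || return 1; done
    echo "$1 $2 $3 $4"
}

# Print impacted, safe, or unknown for one version string.
omi_status() {
    have=$(omi_split "$1") || { echo unknown; return 0; }
    want=$(omi_split "$FIXED_OMI")
    set -- $have
    # Compare numerically field by field, so 1.10.0-0 sorts above 1.8.1-0.
    for f in $want; do
        if [ "$1" -lt "$f" ]; then echo impacted; return 0; fi
        if [ "$1" -gt "$f" ]; then echo safe; return 0; fi
        shift
    done
    echo safe   # exactly the fixed version
}

# Print the locally installed package version, if a package is found.
# Assumption: the agent's OMI package is registered under the name "omi".
installed_omi_version() {
    if command -v dpkg-query >/dev/null 2>&1; then
        dpkg-query -W -f='${Version}\n' omi 2>/dev/null
    elif command -v rpm >/dev/null 2>&1 && rpm -q omi >/dev/null 2>&1; then
        rpm -q --qf '%{VERSION}-%{RELEASE}\n' omi
    fi
}

# Constructed sample versions, not taken from any real host.
for v in 1.6.12-1 1.8.0-9 1.8.1-0 1.8.1.0 1.10.0-0 not-a-version; do
    printf '%-14s %s\n' "$v" "$(omi_status "$v")"
done
```

On a monitored host, `omi_status "$(installed_omi_version)"` reports the status of the local agent; `unknown` means the version string could not be parsed and should be checked by hand.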

Details of the vulnerability and download links for the SCOM 2019 and SCOM 2022 packages can be found at the following links:

CVE-2024-21334 – Security Update Guide – Microsoft – Open Management Infrastructure (OMI) Remote Code Execution Vulnerability 

Download System Center 2019 Management Pack for UNIX and Linux Operating Systems from Official Microsoft Download Center 

Download System Center 2022 Management Pack for UNIX and Linux Operating Systems from Official Microsoft Download Center