CVE-2019-11660

HIGH

Micro Focus Data Protector <10.50 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2019-11660. PoCs published by Metasploit, s7u55, including Metasploit module exploits/linux/local/omniresolve_suid_priv_esc.

AI-analyzed exploit summary This Metasploit module exploits a SUID binary (`omniresolve`) in Micro Focus (HPE) Data Protector by manipulating the `$PATH` environment variable to execute a malicious `oracleasm` binary with root privileges.

Description

Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubylocallinux
https://www.exploit-db.com/exploits/47580

This Metasploit module exploits a SUID binary (`omniresolve`) in Micro Focus (HPE) Data Protector by manipulating the `$PATH` environment variable to execute a malicious `oracleasm` binary with root privileges.

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Micro Focus (HPE) Data Protector <= A.10.40 build 118
No auth needed
Prerequisites: Access to a vulnerable system with the SUID binary present · Write permissions in a directory included in `$PATH`
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by s7u55 · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/omniresolve_suid_priv_esc.rb

This Metasploit module exploits a SUID binary (`omniresolve`) in Micro Focus (HPE) Data Protector by manipulating the `$PATH` environment variable to execute a malicious `oracleasm` binary with root privileges. It leverages a relative path vulnerability to achieve local privilege escalation.

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Micro Focus (HPE) Data Protector <= A.10.40 build 118
No auth needed
Prerequisites: Presence of vulnerable `omniresolve` SUID binary · Write access to a directory in `$PATH`
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.8
EPSS 0.3422
EPSS Percentile 97.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-426
Status published
Products (1)
microfocus/data_protector 10.00 - 10.04
Published Sep 13, 2019
Tracked Since Feb 18, 2026