RCE in Lenovo Xclarity Integrator For Microsoft Windows Admin Center

CVE-2026-14371

The Lenovo XClarity Integrator for Windows Admin Center plugin version 5.1.1 and below running on the WAC Gateway is vulnerable to Powershell Command Injection when establishing remote PowerShell commands.

Vulnerability class: Command Injection (OS Command Injection)

Affected products

Weakness classification (CWE)

References