This Metasploit module exploits the trusted $PATH environment variable of the SUID binary omniresolve in Micro Focus (HPE) Data Protector versions A.10.40 and below. The omniresolve executable calls the oracleasm binary using a relative path and the trusted environment $PATH, which allows an attacker to execute a custom binary with root privileges.
197967db244e27202009402db1e1d26c3d47f8f13b8233e38059fe7d6f165aa2