ManageEngine OpManager version 12.3 suffers from a weak permissions issue in which an attacker can replace the service binary with a binary of his choice. This service runs as Localsystem thus allowing for a privilege escalation vector.
ae204681482d49485787e2089822da443639ee41864f734ff4cdc933bed5841c