WMI stands for Windows Management Instrumentation®, a technological invention of Microsoft®, whose purpose is to manage the different operational environments of the Windows® operating system.
WMI allows scripting languages (such as Windows PowerShell or VBScript) to manage personal computers and servers running Microsoft Windows®, by default, both locally and remotely. Microsoft® provides a command line interface for WMI called Windows Management Instrumentation Command-line (WMIC) which is used by Pandora FMS to perform only query operations, with permission of the owners of those computers and only for monitoring purposes. For example, the
PROCESS GET NAME command returns the processes that are running.
At the end of 2021 was reported a vulnerability in WMI that can be exploited with malicious intentions so Microsoft® began to distribute a patch that raises
RPC_C_AUTHN_LEVEL_PKT_INTEGRITY to value
1, first optionally but in 2023 will be implemented in a mandatory way for that operating system. PandoraWMIC is a software that replaces WMIC and complies with the necessary security protocols (authentication credentials) and that is the fundamental difference.
Pandora FMS monitors many different operating systems, both proprietary and libre software and keeps up to date with security, for more global information see the section “PFMS security architecture”: