Security News > 2021 > June > Critical Auth Bypass Bug Affects VMware Carbon Black App Control
VMware has rolled out security updates to resolve a critical flaw affecting Carbon Black App Control that could be exploited to bypass authentication and take control of vulnerable systems.
CVE-2021-21998 is the second time VMware is addressing an authentication bypass issue in its Carbon Black endpoint security software.
Earlier this April, the company fixed an incorrect URL handling vulnerability in the Carbon Black Cloud Workload appliance that could be exploited to gain access to the administration API. That's not all.
VMware also patched a local privilege escalation bug affecting VMware Tools for Windows, VMware Remote Console for Windows, and VMware App Volumes that could allow a bad actor to execute arbitrary code on affected systems.
"An attacker with normal access to a virtual machine may exploit this issue by placing a malicious file renamed as 'openssl.cnf' in an unrestricted directory which would allow code to be executed with elevated privileges," VMware noted.
VMware credited Zeeshan Shaikh from NotSoSecure and Hou JingYi of Qihoo 360 for reporting the flaw.
News URL
Related news
- Exploit available for new critical TeamCity auth bypass bug, patch now (source)
- VMware fixes critical sandbox escape flaws in ESXi, Workstation, and Fusion (source)
- VMware patches critical flaws in ESXi, Workstation, Fusion and Cloud Foundation (source)
- QNAP warns of critical auth bypass flaw in its NAS devices (source)
- A critical vulnerability in Delinea Secret Server allows auth bypass, admin access (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-23 | CVE-2021-21998 | Improper Authentication vulnerability in VMWare Carbon Black APP Control VMware Carbon Black App Control 8.0, 8.1, 8.5 prior to 8.5.8, and 8.6 prior to 8.6.2 has an authentication bypass. | 7.5 |