VMware Issues Patches for Critical Flaws Affecting Carbon Black App Control
VMware on Wednesday released software updates to plug two critical security vulnerabilities affecting its Carbon Black App Control platform that could be abused by a malicious actor to execute arbitrary code on affected installations in Windows systems.
VMware Carbon Black App Control is an application allowlisting solution that's used to lock down servers and critical systems, prevent unwanted changes, and ensure continuous compliance with regulatory mandates.
CVE-2022-22951 has been described as a command injection vulnerability that could enable an authenticated, high privileged actor with network access to the VMware App Control administration interface to "Execute commands on the server due to improper input validation leading to remote code execution."
CVE-2022-22952, on the other hand, relates to a file upload vulnerability that could be weaponized by an adversary with administrative access to the VMware App Control administration interface to upload a specially crafted file and achieve code execution on the Windows instance.
The flaws affect Carbon Black App Control versions 8.5.x, 8.6.x, 8.7.x, and 8.8.x, and have been remediated in versions 8.5.14, 8.6.6, 8.7.4, and 8.8.2.
With unpatched VMware bugs becoming a lucrative attack vector, users are recommended to apply the updates to prevent potential exploitation.
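A small patch-triage helper for the advisory above, added here as an example and not code from VMware or The Hacker News: it takes the fixed versions named in the article (8.5.14, 8.6.6, 8.7.4, 8.8.2) and classifies an inventory of App Control server versions as needing the update or not. The hostnames and versions in the inventory are constructed sample data.

```python
"""Patch triage for the VMware Carbon Black App Control advisory (added example)."""
from typing import Optional

# First fixed release for each affected branch, as stated in the article.
FIXED_BY_BRANCH = {
    (8, 5): (8, 5, 14),
    (8, 6): (8, 6, 6),
    (8, 7): (8, 7, 4),
    (8, 8): (8, 8, 2),
}


def parse_version(text: str) -> tuple:
    """Turn '8.7.3' or '8.6.5.1802' into a tuple of ints for ordered comparison."""
    parts = text.strip().split(".")
    if len(parts) < 2 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)


def needs_patch(version: str) -> Optional[bool]:
    """True if the version sits in an affected branch below its fix,
    False if it is at or above the fix, None if the branch is not listed."""
    v = parse_version(version)
    fixed = FIXED_BY_BRANCH.get(v[:2])
    if fixed is None:
        return None
    # Compare on major.minor.patch only; a build suffix like .1802 is ignored.
    v3 = (v + (0, 0, 0))[:3]
    return v3 < fixed


def triage(inventory: dict) -> dict:
    """Map each host in a {hostname: version} dict to 'patch', 'ok' or 'unknown'."""
    labels = {True: "patch", False: "ok", None: "unknown"}
    return {host: labels[needs_patch(ver)] for host, ver in inventory.items()}


# Constructed sample inventory of App Control servers (not real hosts).
SAMPLE_INVENTORY = {
    "appctl-01": "8.7.3",
    "appctl-02": "8.8.2",
    "appctl-03": "8.5.14",
    "appctl-04": "8.6.5.1802",
    "appctl-05": "8.9.1",
}

if __name__ == "__main__":
    for host, state in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {state}")
```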
News URL
https://thehackernews.com/2022/03/vmware-issues-patches-for-critical.html
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-23 | CVE-2022-22952 | Unrestricted Upload of File with Dangerous Type vulnerability in VMWare Carbon Black APP Control: VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains a file upload vulnerability. | 9.1 |
| 2022-03-23 | CVE-2022-22951 | OS Command Injection vulnerability in VMWare Carbon Black APP Control: VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains an OS command injection vulnerability. | 9.1 |