VMware has rolled out security updates to address a critical flaw affecting Carbon Black Application Control that could be exploited to bypass authentication and take control of vulnerable systems.
The vulnerability, tracked as CVE-2021-21998, is rated 9.4 out of 10 in severity by the industry-standard Common Vulnerability Scoring System (CVSS) and affects App Control (AppC) versions 8.0.x, 8.1.x, 8.5.x, and 8.6.x.
Carbon Black Application Control is a security solution designed to lock down critical systems and servers, preventing unauthorized changes in the face of cyber-attacks and ensuring compliance with regulatory mandates such as PCI-DSS, HIPAA, GDPR, SOX, FISMA, and NERC.
“A malicious actor with network access to the VMware Carbon Black App Control administration server may be able to obtain administrative access to the product without the need to authenticate,” the California-based cloud computing and virtualization technology company said in an advisory.
CVE-2021-21998 is the second time VMware has addressed an authentication bypass issue in its Carbon Black endpoint security software. Earlier this April, the company fixed an incorrect URL handling vulnerability in the Carbon Black Cloud Workload appliance (CVE-2021-21982) that could be exploited to gain access to the administration API.
That is not all. VMware also patched a local privilege escalation bug affecting VMware Tools for Windows, VMware Remote Console for Windows (VMRC for Windows), and VMware App Volumes (CVE-2021-21999, CVSS score: 7.8) that could allow a bad actor to execute arbitrary code on affected systems.
“An attacker with normal access to a virtual machine may exploit this issue by placing a malicious file renamed as ‘openssl.cnf’ in an unrestricted directory which would allow code to be executed with elevated privileges,” VMware noted.
VMware credited Zeeshan Shaikh (@bugzzzhunter) from NotSoSecure and Hou JingYi (@hjy79425575) of Qihoo 360 for reporting the flaw.
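The CVE-2021-21999 description above boils down to a file-planting problem: a privileged component reads an OpenSSL configuration file from a directory that unprivileged users can write to. The following Python script is an added example written for this page (it is not VMware's code and does not come from the original article) that audits a list of candidate directories from the defender's side: for each one it reports whether an `openssl.cnf` is present and whether the directory is writable by the current user or by everyone. VMware's advisory does not name the directory the affected components search, so the `DEFAULT_CANDIDATE_DIRS` list is an assumed placeholder that an operator replaces with the real paths; the `build_constructed_sample_dir` helper only creates a constructed test fixture.

```python
"""Audit directories for an openssl.cnf sitting in a location unprivileged users can write to.

Added example, not VMware's code. The directory list below is a placeholder:
the advisory for CVE-2021-21999 does not name the path the affected
components search, so supply the real candidates for your deployment.
"""
import os
import stat
import tempfile
from dataclasses import dataclass
from typing import Iterable, List

# Assumed/placeholder candidates; replace with the directories your
# privileged OpenSSL-using components actually consult.
DEFAULT_CANDIDATE_DIRS = [
    r"C:\ProgramData\example-vendor\ssl",  # placeholder path (constructed)
    "/usr/local/ssl",                      # a common OPENSSLDIR on Unix
]


@dataclass
class Finding:
    directory: str
    has_openssl_cnf: bool
    writable_by_current_user: bool
    world_writable: bool

    @property
    def risky(self) -> bool:
        # The planting scenario needs a directory an unprivileged user can
        # write to; a config file already there is an immediate review item.
        return self.writable_by_current_user or self.world_writable


def audit_dir(directory: str) -> Finding:
    """Inspect one directory for an openssl.cnf and for loose write permissions."""
    cnf_path = os.path.join(directory, "openssl.cnf")
    has_cnf = os.path.isfile(cnf_path)
    # os.access reflects the permissions of the process running the audit;
    # run it as the unprivileged account you care about, not as an admin.
    writable = os.access(directory, os.W_OK)
    world = False
    if os.name != "nt":
        # On POSIX the "other" write bit is a direct signal; on Windows the
        # ACL would need to be read (not done here, a limitation of the example).
        world = bool(os.stat(directory).st_mode & stat.S_IWOTH)
    return Finding(directory, has_cnf, writable, world)


def audit_openssl_cnf_dirs(dirs: Iterable[str]) -> List[Finding]:
    """Audit every existing directory in the candidate list."""
    return [audit_dir(d) for d in dirs if os.path.isdir(d)]


def risky_findings(dirs: Iterable[str]) -> List[Finding]:
    """Return only the directories that would let a low-privileged user plant a file."""
    return [f for f in audit_openssl_cnf_dirs(dirs) if f.risky]


def build_constructed_sample_dir() -> str:
    """Create a constructed fixture: a world-writable temp dir holding an openssl.cnf."""
    d = tempfile.mkdtemp(prefix="cnf-audit-")
    with open(os.path.join(d, "openssl.cnf"), "w", encoding="ascii") as fh:
        fh.write("# constructed sample config\n")
    os.chmod(d, 0o777)  # deliberately loose permissions for the demonstration
    return d


if __name__ == "__main__":
    sample = build_constructed_sample_dir()
    for finding in audit_openssl_cnf_dirs(DEFAULT_CANDIDATE_DIRS + [sample]):
        flag = "RISKY" if finding.risky else "ok"
        print(f"[{flag}] {finding.directory}: openssl.cnf={finding.has_openssl_cnf} "
              f"user-writable={finding.writable_by_current_user} "
              f"world-writable={finding.world_writable}")
```

Run the script as the ordinary (non-administrative) account whose write access you want to measure; a directory reported as `RISKY` is one where tightening the ACL or mode bits removes the precondition the advisory describes, independent of whether the vendor patch has been applied yet.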
Some parts of this article are sourced from:
thehackernews.com