VMware on Wednesday introduced program updates to plug two critical security vulnerabilities impacting its Carbon Black Application Handle platform that could be abused by a malicious actor to execute arbitrary code on affected installations in Windows techniques.
Tracked as CVE-2022-22951 and CVE-2022-22952, both the flaws are rated 9.1 out of a optimum of 10 on the CVSS vulnerability scoring method. Credited with reporting the two issues is security researcher Jari Jääskelä.
That explained, effective exploitation of the vulnerabilities banks on the prerequisite that the attacker is now logged in as an administrator or a highly privileged user.
VMware Carbon Black App Regulate is an software let listing remedy which is applied to lock down servers and critical programs, prevent unwanted modifications, and assure constant compliance with regulatory mandates.
CVE-2022-22951 has been explained as a command injection vulnerability that could allow an authenticated, significant privileged actor with network obtain to the VMware App Manage administration interface to “execute commands on the server thanks to improper input validation leading to remote code execution.”
CVE-2022-22952, on the other hand, relates to a file add vulnerability that could be weaponized by an adversary with administrative entry to the VMware App Command administration interface to upload a specifically crafted file and reach code execution on the Windows occasion.
The flaws have an effect on Carbon Black Application Handle versions 8.5.x, 8.6.x, 8.7.x, and 8.8.x, and have been remediated in variations 8.5.14, 8.6.6, 8.7.4, and 8.8.2. With unpatched VMware bugs starting to be a valuable attack vector, consumers are proposed to apply the updates to avoid potential exploitation.
Found this short article appealing? Observe THN on Facebook, Twitter and LinkedIn to read more exclusive written content we publish.
Some parts of this report are sourced from: