Pular para o conteúdo principal

VMware Issues Patches for Critical Flaws Affecting Carbon Black App Control

VMware on Wednesday released software updates to plug two critical security vulnerabilities affecting its Carbon Black App Control platform that could be abused by a malicious actor to execute arbitrary code on affected installations in Windows systems.

Tracked as CVE-2022-22951 and CVE-2022-22952, both the flaws are rated 9.1 out of a maximum of 10 on the CVSS vulnerability scoring system. Credited with reporting the two issues is security researcher Jari Jääskelä.

That said, successful exploitation of the vulnerabilities banks on the prerequisite that the attacker is already logged in as an administrator or a highly privileged user.

VMware Carbon Black App Control is an application allow listing solution that's used to lock down servers and critical systems, prevent unwanted changes, and ensure continuous compliance with regulatory mandates.

CVE-2022-22951 has been described as a command injection vulnerability that could enable an authenticated, high privileged actor with network access to the VMware App Control administration interface to "execute commands on the server due to improper input validation leading to remote code execution."

CVE-2022-22952, on the other hand, relates to a file upload vulnerability that could be weaponized by an adversary with administrative access to the VMware App Control administration interface to upload a specially crafted file and achieve code execution on the Windows instance.

The flaws affect Carbon Black App Control versions 8.5.x, 8.6.x, 8.7.x, and 8.8.x, and have been remediated in versions 8.5.14, 8.6.6, 8.7.4, and 8.8.2. With unpatched VMware bugs becoming a lucrative attack vector, users are recommended to apply the updates to prevent potential exploitation.


Postagens mais visitadas deste blog

Password Reset Hack Exposed in Honda's E-Commerce Platform, Dealers Data at Risk

Security vulnerabilities discovered in Honda's e-commerce platform could have been exploited to gain unrestricted access to sensitive dealer information. "Broken/missing access controls made it possible to access all data on the platform, even when logged in as a test account," security researcher Eaton Zveare said in a report published last week. The platform is designed for the sale of power http://dlvr.it/SqbFDX

All You Need to Know About Emotet in 2022

For 6 months, the infamous Emotet botnet has shown almost no activity, and now it's distributing malicious spam. Let's dive into details and discuss all you need to know about the notorious malware to combat it. Why is everyone scared of Emotet? Emotet is by far one of the most dangerous trojans ever created. The malware became a very destructive program as it grew in scale and sophistication. http://dlvr.it/SdR6Bq

"Polymath" Plataforma Baseada na Ethereum Blockchain Poderia Revolucionar Transações de Valores Mobiliários

As ofertas iniciais de moedas (Em inglês Initial Coin Offerings -  ICO ) arrecadaram mais de US $ 4 bilhões de dólares desde 2013, e as agências governamentais estão analisando suas implicações regulatórias. Alguns tokens emitidos através dessa oferta podem ser considerados "tokens de valores mobiliários" e até mesmo em violação das leis de valores mobiliários. Um novo, o protocolo descentralizado, no entanto, está se preparando para tornar mais fácil do que nunca a emissão de toques de cadeias de blocos com recursos. E isso inclui valores mobiliários. "O Polymath facilita os tokens de títulos na cadeia de blocos através de uma rede de participantes coordenados que são incentivados pela POLY, nosso token nativo", disse o Fundador e CEO da Polymath , Trevor Koverko, à CCN. "Nós criamos um novo padrão de token que faz os requisitos necessários, como KYC e AML, nos próprios tokens". A plataforma Polymath destina-se a reduzir as barreiras para