
VMware Discloses Critical Vulnerabilities CVE-2022-22951, CVE-2022-22952

Two new VMware vulnerabilities have been disclosed, CVE-2022-22951 and CVE-2022-22952, both rated 9.1 on the CVSS scale. The flaws affect the Carbon Black App Control platform, and could be exploited in arbitrary code execution attacks against vulnerable Windows systems. The vulnerabilities were discovered by security researcher Jari Jääskelä.




CVE-2022-22951

The official advisory describes this vulnerability as an OS command injection issue in VMware Carbon Black App Control.

What is the known attack vector? An authenticated attacker with high privileges and network access to the app’s admin interface could execute commands on the server, as a result of improper input validation. This could then lead to remote code execution.

To fix the issue, VMware says that you need to apply the patches as described in the advisory.

CVE-2022-22952

This vulnerability is a file upload issue. A threat actor with admin access to the VMware App Control administration interface could execute code on the Windows instance where AppC Server is installed by uploading a specially crafted file, VMware said.

Applying the available patch as described in the advisory fixes the issue.

Another recently disclosed VMware vulnerability is CVE-2021-22057. The issue was described as a critical vulnerability in VMware Workspace ONE Access that specifically affected its two-factor authentication (2FA) processing component.

Milena Dimitrova
