A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site
Home / security-advisories / Critical Vulnerability in VMware Carbon Black App Control (CVE-2023-20858)

Critical Vulnerability in VMware Carbon Black App Control (CVE-2023-20858)

Advisory No: TZCERT/SA/2023/02/24

Date of First Release: 24th February 2023

Source: VMWARE

Software Affected:  App Control: 8.9.x, 8.8.x, 8.7.x ( Running on Windows)

Overview:

VMware has released patches to address a critical security vulnerability affecting Carbon Black App Control, an enterprise solution for preventing untrusted software from executing on critical systems and endpoints. This vulnerability could allow attackers to take control of a affected system.

Description:

This injection vulnerability is tracked as CVE-2023-20858 (CVSS score: 9.1). An attacker with privileged access to the App Control administration console may be able to use specially crafted input allowing access to the underlying server operating system.

Impact:

Successful exploitation of this vulnerability may allow the attacker to control of the affected system.

Solution:

VMware has released a patch for this vulnerability. Users and administrators are encouraged to apply necessary updates.

References:

  1. https://www.vmware.com/security/advisories/VMSA-2023-0004.html

Best free WordPress theme

Check Also

HPE Superdome Flex, Superdome Flex 280 and Compute Scale-up Server 3200 Servers Arbitrary Code Execution (CVE-2021-38578)

Advisory No: TZCERT/SA/2024/04/19 Date of First Release: 19th April 2024 Source: Hewlett Packard Enterprise (HPE) …

DISCLAIMER |FAQ |CONTACT US
Tanzania Computer Emergency Response Team © Copyright 2024, All Rights Reserved.