VMware Issues Patches for Critical OS Command Injection and File Upload Vulnerabilities

Critical OS command injection and file upload vulnerabilities affect VMware Carbon Black App Control (AppC). VMware has fixed the issues and released patches for them. The details of the vulnerabilities are as follows:

Advisory ID: VMSA-2022-0008

CVSSv3 Range: 9.1

Issue Date: 2022-03-23

Updated On: 2022-03-23 (Initial Advisory)

CVE(s): CVE-2022-22951, CVE-2022-22952

Synopsis: VMware Carbon Black App Control update addresses multiple vulnerabilities (CVE-2022-22951, CVE-2022-22952)

Impacted products

  • VMware Carbon Black App Control (AppC)

CVE-2022-22951 (OS command injection vulnerability in VMware Carbon Black App Control)

Summary

An OS command injection vulnerability was found in VMware Carbon Black App Control, which VMware rated with a maximum CVSSv3 base score of 9.1. Because of improper input validation, an attacker with high-privilege authenticated access to the App Control administration interface can execute commands on the server, leading to remote code execution.

Remediation

To remediate this issue, VMware has released patches, together with a response matrix and fixed-version details in the advisory.

Thanks to the Reporter

VMware also thanked Jari Jääskelä for reporting this issue.

CVE-2022-22952 (File upload vulnerability in VMware Carbon Black App Control)

Summary

A file upload vulnerability was found in VMware Carbon Black App Control, which VMware rated with a maximum CVSSv3 base score of 9.1. An attacker with high-privilege authenticated access to the App Control administration interface can execute commands on the Windows instance hosting the AppC server by uploading a specially crafted file.

Remediation

To remediate this issue, VMware has released patches, together with a response matrix and fixed-version details in the advisory.

Thanks to the Reporter

VMware also thanked Jari Jääskelä for reporting this issue.

Fixed Version

VMware Carbon Black App Control 8.8.2, 8.7.4, 8.6.6 and 8.5.14 contain the fixes for these issues. VMware has provided release notes for these patches.
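As an added illustration (not code from VMware or the advisory), the following script checks an installed AppC version against the fixed versions quoted above, branch by branch, so an administrator can triage an inventory of servers; the hostnames and inventory are constructed sample data, and the branch-not-in-advisory status is a label chosen here for versions the advisory does not list.

```python
from typing import Dict, List, Tuple

# Fixed versions from VMSA-2022-0008 as quoted on this page, keyed by the
# release branch (major.minor) each one belongs to.
FIXED_VERSIONS: Dict[Tuple[int, int], Tuple[int, int, int]] = {
    (8, 8): (8, 8, 2),
    (8, 7): (8, 7, 4),
    (8, 6): (8, 6, 6),
    (8, 5): (8, 5, 14),
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '8.7.3' (or a longer build string such as '8.7.3.1234') into a
    tuple of integers so that versions compare numerically, not lexically."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)


def appc_patch_status(installed: str) -> str:
    """Classify an installed version as 'patched', 'vulnerable', or
    'branch-not-in-advisory' (a major.minor branch the advisory does not list,
    which must be treated as unresolved rather than safe)."""
    ver = parse_version(installed)
    fixed = FIXED_VERSIONS.get(ver[:2])
    if fixed is None:
        return "branch-not-in-advisory"
    # Only the first three components matter; a bare '8.7' sorts before 8.7.4.
    return "patched" if ver[:3] >= fixed else "vulnerable"


def hosts_needing_attention(inventory: List[Tuple[str, str]]) -> List[Tuple[str, str, str]]:
    """Reduce a [(hostname, version)] inventory to hosts that are not confirmed patched."""
    report = [(host, ver, appc_patch_status(ver)) for host, ver in inventory]
    return [row for row in report if row[2] != "patched"]


# Constructed sample inventory; these are not real hosts.
SAMPLE_INVENTORY = [
    ("appc-prod-01", "8.8.2"),
    ("appc-prod-02", "8.7.3"),
    ("appc-lab-01", "8.5.14"),
    ("appc-legacy", "8.4.2"),
]

if __name__ == "__main__":
    for host, ver, status in hosts_needing_attention(SAMPLE_INVENTORY):
        print(f"{host}: {ver} -> {status}")
```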

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.