Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

VMware Issues Patches for Critical Flaws Affecting Carbon Black App Control

VMware addressed two critical arbitrary code execution vulnerabilities affecting its Carbon Black App Control platform. VMware released this week, software updates to address two critical security vulnerabilities, CVE-2022-22951 and CVE-2022-22952 (both received a CVSS score of 10), affecting its Carbon Black App Control platform that could be exploited by a threat actor to execute arbitrary […]

VMware Fusion Pwn2Own Berlin 2025

VMware addressed two critical arbitrary code execution vulnerabilities affecting its Carbon Black App Control platform.

VMware released this week, software updates to address two critical security vulnerabilities, CVE-2022-22951 and CVE-2022-22952 (both received a CVSS score of 10), affecting its Carbon Black App Control platform that could be exploited by a threat actor to execute arbitrary code on affected installations on Windows systems.

The Carbon Black App Control is an application that allows listing solution that is designed to enable security operations teams to lock down new and legacy systems against unwanted change, simplify the compliance process, and provide protection for corporate systems.

The vulnerabilities were reported by security researchers Jari Jääskelä.

“Multiple vulnerabilities in VMware Carbon Black App Control were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.” reads the advisory published by VMware.

The issues could be only exploited by authenticated attackers with high privileges.

The first bug, tracked as CVE-2022-22951, is an OS command injection vulnerability in Carbon Black App Control. The issue is due to improper input validation leading to remote code execution.

“An authenticated, high privileged malicious actor with network access to the VMware App Control administration interface may be able to execute commands on the server due to improper input validation leading to remote code execution.” reads the advisory.

The second flaw, tracked as CVE-2022-22952, is a file upload vulnerability in VMware Carbon Black App Control. An attacker can trigger the flaw by uploading a specially crafted file.

“A malicious actor with administrative access to the VMware App Control administration interface may be able to execute code on the Windows instance where AppC Server is installed by uploading a specially crafted file.” continues the advisory.

Impacted versions are 8.5.x, 8.6.x, 8.7.x, and 8.8.x, the virtualization giant addressed the flaws with the release of versions 8.5.14, 8.6.6, 8.7.4, and 8.8.2. Customers are recommended to install security updates immediately.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Carbon Black App Control)

[adrotate banner=”5″]

[adrotate banner=”13″]