SOCRadar® Cyber Intelligence Inc. | VMware Fixes Critical Vulnerability in Carbon Black App Control (CVE-2023-20858)
Table Of Content
Home

Resources

Blog
Feb 22, 2023
2 Mins Read

VMware Fixes Critical Vulnerability in Carbon Black App Control (CVE-2023-20858)

VMware has recently rolled out a patch to address a critical vulnerability in its Carbon Black App Control product, which could result in full access to the operating system. The VMware vulnerability is identified as CVE-2023-20858 and has a CVSS score of 9.1

The Carbon Black App Control product is used for application control and endpoint security; it enforces security policies for endpoints and controls which applications are allowed to run on them. 

The vulnerability, CVE-2023-20858, was reported by the security researcher Jari Jääskelä of HackerOne

Affected Carbon Black App Control Versions 

The following versions of VMware Carbon Black App Control, running on Microsoft Windows operating systems, are vulnerable to CVE-2023-20858: 

  • 8.7.x before 8.7.8 
  • 8.8.x before 8.8.6 
  • 8.9.x before 8.9.4 

How Does the CVE-2023-20858 Vulnerability Affect? 

The CVE-2023-20858 vulnerability could allow an attacker with privileged access to the VMware product’s administration console to launch injection exploits with specially crafted input. Successful exploitation of the vulnerability could lead to the underlying server operating system being fully compromised. 

Security researchers advised applying the patches to avoid exploitation. See the official VMware advisory for the Carbon Black App Control vulnerability here

VMware Fixes Additional Vulnerabilities 

Another advisory by VMware includes a high-severity vulnerability in its vRealize Orchestrator, vRealize Automation, and Cloud Foundation products. It is an XML External Entity (XXE) vulnerability tracked as CVE-2023-20855, with a CVSS score of 8.8

CVE-2023-20855 could allow an attacker to escalate privilege or access sensitive information by bypassing XML parsing restrictions and does not require administrative access. An attacker can use crafted input to exploit the vulnerability. 

Find Details on SOCRadar 

SOCRadar tracks all vulnerability statuses and updates so that you can easily access them on the platform. The Vulnerability Intelligence tab displays the most recent vulnerability trends among threat actors and weekly vulnerabilities. It also allows you to search through many vulnerabilities to find detailed information. The platform also sends alerts if any vulnerabilities are discovered in your assets, allowing you to better manage your security posture.

Improve your security with SOCRadar Vulnerability Intelligence
Related Articles
SOCRadar® Cyber Intelligence Inc. | NodeStealer’s Evolution: A Growing Threat to Facebook Accounts and Beyond
NodeStealer’s Evolution: A Growing Threat to Facebook Accounts and Beyond
Nov 22, 2024
SOCRadar® Cyber Intelligence Inc. | Financial Software Company Finastra Investigates Recent Security Incident
Financial Software Company Finastra Investigates Recent Security Incident
Nov 21, 2024
SOCRadar® Cyber Intelligence Inc. | Privilege Escalation Risks in ‘needrestart’ Utility Threaten Linux Systems; OSS-Fuzz Finds 26 Hidden Flaws
Privilege Escalation Risks in ‘needrestart’ Utility Threaten Linux Systems; OSS-Fuzz Finds 26 Hidden Flaws
Nov 21, 2024
SOCRadar® Cyber Intelligence Inc. | Apple, Oracle, and Apache Issue Critical Updates for Actively Exploited and High-Risk Vulnerabilities
Apple, Oracle, and Apache Issue Critical Updates for Actively Exploited and High-Risk Vulnerabilities
Nov 20, 2024
SOCRadar® Cyber Intelligence Inc. | Exploited PAN-OS Zero-Days Threaten Thousands of Firewalls (CVE-2024-0012 and CVE-2024-9474)
Exploited PAN-OS Zero-Days Threaten Thousands of Firewalls (CVE-2024-0012 and CVE-2024-9474)
Nov 19, 2024