Customers need to update urgently, as there are no workarounds for this vulnerability.
On February 21, 2023, VMware released fixes for a critical vulnerability in its Carbon Black App Control software.
CVE-2023-20858 (CVSS 9.1) affects App Control versions 8.7.x, 8.8.x, and 8.9.x. VMware describes the problem as a command injection vulnerability; its discovery is credited to security researcher Jari Jääskelä.
According to the security bulletin, an attacker who already holds privileged access to the App Control administration console can submit specially crafted input and gain access to the underlying server operating system. The flaw is therefore post-authentication, but it turns a compromised console account (stolen or reused administrator credentials, or a rogue administrator) into a foothold on the App Control server's operating system itself.
VMware has stated that there are no workarounds for this vulnerability, so customers must upgrade to 8.7.8, 8.8.6, or 8.9.4, depending on which branch they run.
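Because the fix lands in a different release on each supported branch, a simple "is my version at least X" check is not enough; the branch has to be matched first. The script below is an added example written for this article, not VMware's own tooling. It assumes you have already collected each App Control server's version string (for example from the console's About page or from installed-program metadata); the hostnames and versions in the sample inventory are constructed.

```python
"""Check Carbon Black App Control server versions against the fixed releases
published for CVE-2023-20858 (8.7.8, 8.8.6, 8.9.4).

Added example for this article; not VMware's code. The version strings are
assumed to come from your own inventory of App Control servers.
"""

from __future__ import annotations

# Affected branch (major, minor) -> first fixed release on that branch,
# as listed in the advisory.
FIXED_VERSIONS: dict[tuple[int, int], tuple[int, int, int]] = {
    (8, 7): (8, 7, 8),
    (8, 8): (8, 8, 6),
    (8, 9): (8, 9, 4),
}


def parse_version(version: str) -> tuple[int, ...]:
    """Parse '8.8.6' or '8.8.6.1234' into an integer tuple.

    Raises ValueError on anything that is not at least three dotted
    integers, so a blank or garbled value is reported as an error rather
    than silently treated as patched.
    """
    parts = version.strip().split(".")
    if len(parts) < 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised App Control version string: {version!r}")
    return tuple(int(p) for p in parts)


def assess(version: str) -> str:
    """Return 'vulnerable', 'fixed' or 'not-listed' for one version string."""
    v = parse_version(version)
    fixed = FIXED_VERSIONS.get(v[:2])
    if fixed is None:
        # The advisory only covers 8.7.x through 8.9.x. Anything else needs a
        # manual check against VMware's support matrix, not an automatic
        # "safe" verdict.
        return "not-listed"
    # Compare major.minor.patch only; a trailing build number does not
    # change whether the fixed release is installed.
    return "fixed" if v[:3] >= fixed else "vulnerable"


def assess_fleet(inventory: dict[str, str]) -> dict[str, str]:
    """Map hostname -> verdict for a {hostname: version} inventory."""
    results: dict[str, str] = {}
    for host, version in inventory.items():
        try:
            results[host] = assess(version)
        except ValueError as exc:
            results[host] = f"error: {exc}"
    return results


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up.
    sample = {
        "appctl-prod-01": "8.8.4",
        "appctl-prod-02": "8.8.6",
        "appctl-lab-01": "8.9.4.1234",
        "appctl-legacy": "8.6.2",
        "appctl-broken": "unknown",
    }
    for host, verdict in assess_fleet(sample).items():
        print(f"{host:16} {verdict}")
```

Treat "not-listed" and "error" results as work items, not as clean: a branch the advisory does not name may be end-of-support rather than unaffected, and an unparseable version usually means the inventory data is stale.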
VMware Carbon Black is a cloud-based endpoint security platform. App Control itself (formerly Cb Protection) is an on-premises application-control server that enforces allowlisting policies on its agents, so control of its administration console gives an attacker leverage over every protected endpoint. The wider platform continuously monitors and records endpoint activity, visualizes malware behaviour and blocks it, using ML models and optimized analytics.
The French Computer Emergency Response Team (CERT-FR) previously warned that attackers are actively exploiting a 2021 RCE vulnerability (CVE-2021-21974, in the ESXi OpenSLP service) on unpatched VMware ESXi servers to deploy the new ESXiArgs ransomware, which has already affected more than 500 European organizations.