Critical vulnerabilities in VMware Carbon Black App Control Server. Patch now

Cybersecurity specialists report the discovery of at least two severe flaws in various products developed by VMware. According to the report, the successful exploitation of these flaws would allow the deployment of privilege escalation attacks and the evasion of security measures on the affected systems. 

Below are brief descriptions of the reported failures, in addition to their respective tracking keys and their scores according to the Common Vulnerability Scoring System (CVSS).

CVE-2021-21999: The affected application does not impose adequate security restrictions, which would allow malicious hackers to evade security restrictions and privilege escalation.

The flaw received a CVSS score of 6.2/10 and its exploitation would allow privileges to scale on the compromised system.

This vulnerability resides in the following products and versions:

VMware Tools: 10.0.0, 10.0.5, 10.0.6, 10.0.8, 10.0.9, 10.0.12, 10.1.0, 10.1.5, 10.1.7, 10.1.10, 10.1.15, 10.2.0, 10.2.1, 10.2.5, 10.3.0, 10.3.2, 10.3.5, 10.3.10, 10.3.20, 10.3.21, 10.3.22, 10.3.23, 11.0.0, 11.0.1, 11.0.5, 11.0.6, 11.1.0, 11.1.1, 11.1.5, 11.2.0, 11.2.1 & 11.2.5

VMRC: 12.0.0

VMware App Volumes: 2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, 2.10, 2.11, 2.12, 2.12.1, 2.13, 2.13.1, 2.13.2, 2.13.3, 2.14, 2.15, 2.16, 2.17, 2.18, 2.18.1, 2.18.2, 2.18.3, 2.18.4, 2.18.5, 2.18.6, 2.18.7, 2.18.8, 2.18.9 & 4.0.0.105.

CVE-2021-21998: Un error durante el procesamiento de solicitudes de autenticación permitiría a los atacantes remotos evadir el proceso de autenticación y obtener acceso no autorizado a la aplicación comprometida.

This flaw received a CVSS score of 8.2/10 and is considered a critical security error.

The flaw resides in the following product and versions: VMware Carbon Black App Control Server: before 8.5.8, 8.6.2.

While the flaws could be exploited by remote threat actors, no exploitation attempts have yet been reported in real scenarios. Security patches are now available, so VMware recommends users of affected deployments fix them as soon as possible.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.