Earlier today, VMware released an advisory for their Carbon Black product. It hits hard at a grueling 9.1 rating on CSSv3. It’s a remote code execution vulnerability, which is why it has been rated so high. If you’re making use of App Control versions 8.5.x to 8.8.x, you’re affected. The good news is that all you need to do is patch to remediate the issue! Each previously listed version has its respective patch to apply. The bad news is that all you can do it patch. That’s right, there’s no other workarounds provided by VMware…except to not use App Control (sad face). The other good news is that it appears that the threat actor would need administrative access to the App Control admin interface in order to exploit the vulnerability. So if you can’t, or don’t want to patch right now, take extra precautions to secure privileged access. You can check out the official advisory article here if you wish to read up on further details. Paul Dirmann, signing off (with a quickness because I’m on vacation but wanted to get this in front of the community for awareness 🙂 )
Paul Dirmann (vExpert PRO*, vExpert**, VCIX-DCV, VCAP-DCV Design, VCAP-DCV Deploy, VCP-DCV, VCA-DBT, C|EH, MCSA, MCTS, MCP, CIOS, Network+, A+) is the owner and current Lead Consultant at Dirmann Technology Consultants. A technology evangelist, Dirmann has held both leadership positions, as well as technical ones architecting and engineering solutions for multiple multi-million dollar enterprises. While knowledgeable in the majority of the facets involved in the information technology realm, Dirmann honed his expertise in VMware’s line of solutions with a primary focus in hyper-converged infrastructure (HCI) and software-defined data centers (SDDC), server infrastructure, and automation. Read more about Paul Dirmann here, or visit his LinkedIn profile.