VMware patches 2 Critical Vulnerabilities in Carbon Black App Control, VMWare Tools and VMWare Remote Console
VMware patches 2 Critical Vulnerabilities in Carbon Black App Control, VMWare Tools and VMWare Remote Console
THREAT LEVEL: Amber.
For a detailed advisory, download the pdf file here.
VMware has patched an authentication bypass vulnerability(CVE-2021-21998) in the carbon black app control management server. Apart from this vulnerability VMware also patched a privilege escalation vulnerability(CVE-2021-21999) which was affected the VMware Tools for Windows, VMware Remote Console for Windows.
Vulnerability Details
![](https://i0.wp.com/www.hivepro.com/wp-content/uploads/2021/06/Screenshot-2021-06-24-at-3.26.04-PM.png?resize=640%2C284&ssl=1)
Patch Links
https://www.vmware.com/security/advisories/VMSA-2021-0012.html
https://www.vmware.com/security/advisories/VMSA-2021-0013.html
References
https://us-cert.cisa.gov/ncas/current-activity/2021/06/23/vmware-releases-security-updates