Heimdal
article featured image

Contents:

This week, American cloud computing and virtualization technology company VMware has patched a severe vulnerability in VMware Carbon Black App Control (AppC).

According to the security advisory, cybercriminals with access to the VMware Carbon Black App Control management server might be able to acquire administrative access to the product without the need to authenticate.

Carbon Black App Control is created for corporate environments, to lock down critical systems and servers to avert undesired changes and ensure continuous compliance with regulatory mandates.

CVE-2021-21998 flaw is an authentication bypass that is impacting VMware Carbon Black App Control (AppC) versions 8.0, 8.1, 8.5 prior to 8.5.8, and 8.6 prior to 8.6.2.

Given the part played by the product in a corporate network, gaining control of the AppC management server could lead to critical systems damage.

Depending on the environment, a threat actor could use the vulnerability to maximum advantage to attack anything from Point-of-Sales (PoS) to industrial control systems.

VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.4.

There are no workarounds available, and to remediate the issue you have to apply the patches listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.

ProductVersionRunning OnCVE Identifier CVSSv3 Severity Fixed Version Version WorkaroundsAdditional Documentation
AppC8.6.xWindowsCVE-2021-219989.4critical8.6.2NoneNone
AppC8.5.xWindowsCVE-2021-219989.4critical
8.5.8
NoneNone
AppC8.1.x, 8.0.xWindowsCVE-2021-219989.4criticalHotfixNoneNone

Apart from fixing CVE-2021-21998, the tech company also published a security advisory for a high-risk bug in VMware Tools, VMware Remote Console for Windows (VMRC), and VMware App Volumes products.

VMware has evaluated the severity of CVE-2021-21999 to be in the Important severity range with a maximum CVSSv3 base score of 7.8.

An attacker with normal access to a virtual machine may exploit this issue by placing a malicious file renamed as `openssl.cnf’ in an unrestricted directory which would allow code to be executed with elevated privileges.

Source

Administrators are urged to patch the affected systems as quickly as possible.

Enterprise patch management is an essential component of any good cybersecurity strategy and one that no company should neglect. Our Heimdal™ Patch & Asset Management will see any software assets in your inventory, alongside their version and number of installs, deploy Windows, 3rd party, and custom software to your endpoints anywhere in the world, and create inventory reports for accurate assessments and compliance demonstrations.

 

Heimdal Official Logo
Automate your patch management routine.

Heimdal® Patch & Asset Management Software

Remotely and automatically install Windows, Linux and 3rd party application updates and manage your software inventory.
  • Schedule updates at your convenience;
  • See any software assets in inventory;
  • Global deployment and LAN P2P;
  • And much more than we can fit in here...
Try it for FREE today 30-day Free Trial. Offer valid only for companies.

Author Profile

Antonia Din

PR & Video Content Manager

linkedin icon

As a Senior Content Writer and Video Content Creator specializing in cybersecurity, I leverage digital media to unravel and clarify complex cybersecurity concepts and emerging trends. With my extensive knowledge in the field, I create content that engages a diverse audience, from cybersecurity novices to experienced experts. My approach is to create a nexus of understanding, taking technical security topics and transforming them into accessible, relatable knowledge for anyone interested in strengthening their security posture.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE