With VMware’s Carbon Black App Control (AppC) admins can protect servers and critical infrastructures. Now attackers could use one as “critical“exploit classified security hole and after a successful attack you stand as admin. Versions that are protected against this are available for download.
In order for attackers to sneak into systems as admins, they must have access to a network with management servers for AppC. If this is the case, they could bypass the authentication. It is not yet known how this could look in detail. After a successful attack, attackers gain administrative access to systems warns VMware in a post.
The developers state that the AppC versions 8.0.x, 8.1.x, 8.5.x and 8.6.x are only threatened under Windows. In the issues 8.5.8 and 8.6.2, the vulnerability (CVE-2021-21998) is closed. 8.0x and 8.1.x have received a hotfix for protection.