VMware Plugs Critical Carbon Black App Control Flaw


The leading provider of virtualization technology, VMware, released a significant security update on Tuesday to address a serious flaw in its Carbon Black App Control product, which is aimed at businesses. The vulnerability is identified by VMware as CVE-2023-20858, and a critical-severity alert warns that hackers may use injection vulnerabilities to acquire total access to the server operating system.

VMware cautioned that a hostile actor with access to the App Control management console might be able to utilise specially crafted input to gain access to the server operating system.

Read More…