KALI

VMware Released Security Updates for Critical Remote Code Execution Vulnerability

VMware security updates published for its AirWatch Agent that affected by critical remote code execution vulnerability.

VMware is a virtualization software which is installed on the physical server to allow for multiple virtual machines (VMs) to run on the same physical server.

This critical vulnerability discovered in VMware AirWatch Agent a division of virtualization vendor VMware.

It helps IT administrators deploy, secure and manage mobile devices, applications, and data, as well as Windows 10 and Apple Mac computers.

AirWatch Agent RCE Affected Platform

This Critical RCE vulnerability affects both VMware AirWatch Agent for Android (A/W Agent) & VMware AirWatch Agent for Windows Mobile (A/W Agent).

According to VMware, Android and Windows Mobile devices contain a remote code execution vulnerability in real time File Manager capabilities.

Also, this vulnerability leads to unauthorized creation and execution of files in the Agent sandbox also in other publicly accessible directories.

This RCE vulnerability leads to a remote attacker could exploit this vulnerability to take control of an affected system.

Mitigations

Users are recommended to update AirWatch Agent for Android 8.2 and AirWatch Agent for Windows Mobile 6.5.2 to mitigate the vulnerabilities.

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

C2A Security’s EVSec Risk Management and Automation Platform Gains Automotive Industry Favor as Companies Pursue Regulatory Compliance

In 2023, C2A Security added multiple OEMs and Tier 1s to its portfolio of customers, successful evaluations, and partnerships such…

11 mins ago

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and education. The latest update, Wireshark 4.2.4,…

3 hours ago

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered platform designed to redefine how we…

3 hours ago

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information and grant unauthorized access. It's an…

4 hours ago

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including two zero-day exploits showcased at the…

7 hours ago

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and turning them into bots for the…

7 hours ago