CVE-2023-20858

VMware Carbon Black App Control Remote Code Execution Vulnerability (CVE-2023-20858) Notification

February 27, 2023

Overview Recently, NSFOCUS CERT found that VMware has officially fixed an App Control injection vulnerability (CVE-2023-20858). Due to flaws in product verification of user-input content, attackers with App Control management console permissions can access the underlying server operating system by entering specially crafted data, and ultimately achieve arbitrary code execution on the target system. The […]

Search

Subscribe to the NSFOCUS Blog