Main Vulnerability Database Vulnerabilities #VU13260

Remote code execution in AirWatch Agent - CVE-2018-6968

Published: June 12, 2018

Vulnerability identifier: #VU13260

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/U:Amber

CVE-ID: CVE-2018-6968

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: VMware, Inc

Affected software:
AirWatch Agent

Detailed vulnerability description

The vulnerability allows a remote authenticated administrative attacker to execute arbitrary code on the target system.

The weakness exists due to a flaw in the real time File Manager function. A remote attacker can create files in the Agent sandbox and other publicly accessible directories (e.g., SD card) and execute execute arbitrary code with elevated privileges.

How to mitigate CVE-2018-6968

Update to version 6.2, 8.5.2.

Sources

https://www.vmware.com/security/advisories/VMSA-2018-0015.html

Remote code execution in AirWatch Agent - CVE-2018-6968

Detailed vulnerability description

How to mitigate CVE-2018-6968

Sources

Please verify you're human