Remote Code Execution Vulnerability in VMware AirWatch Agent for Android and Windows Mobile
CVE-2018-6968

10CRITICAL

Key Information:

Vendor
Vmware
Status
Airwatch Agent
Vendor
CVE Published:
11 June 2018

Summary

The VMware AirWatch Agent for Android versions prior to 8.2 and for Windows Mobile versions prior to 6.5.2 exhibit a vulnerability allowing unauthorized remote code execution. This issue stems from inadequately protected File Manager functionalities, enabling malicious users to create and execute files within the Agent’s sandbox environment as well as within publicly accessible directories, including those located on the device's SD card. Such capability could lead to serious security breaches if exploited by an attacker with administrative access.

Affected Version(s)

AirWatch Agent AirWatch Agent for Android prior to 8.2

AirWatch Agent AirWatch Agent for Windows Mobile prior to 6.5.2

References

http://www.vmware.com/security/advisories/VMSA-2018-0015....
x_refsource_CONFIRM
http://www.securityfocus.com/bid/104441
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1041060
vdb-entryx_refsource_SECTRACK

EPSS Score

13% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.