Security News VMware plugs RCE hole in remote management agent

[LASER_oneXM]

Content source

https://www.helpnetsecurity.com/2018/06/12/cve-2018-6968/

VMware has fixed a critical remote code execution vulnerability in VMware AirWatch Agent for Android and Windows Mobile, and is urging users to upgrade to the newest versions of the software (8.2 and 6.5.2, respectively). The iOS version is not affected.

It can be exploited by remote attackers with knowledge of specific enrolled devices within an AirWatch instance to add or remove files from a device, remotely execute commands on it, or modify or set Registry Key values for Windows Mobile devices that are configured to use AirWatch Cloud Messaging (AWCM).

The offered updates effectively disable File and Registry Management capabilities.

VMware also added that “through mitigation of this security vulnerability, the File, Task & Registry Management capabilities built into AWCM will be disabled in current SaaS environments over the coming weeks” and that the functionality will be deprecated in future releases of the Workspace ONE UEM Console.