A critical security vulnerability in the VMware Carbon Black Cloud Workload appliance would allow privilege escalation and the ability to take over the administrative rights for the solution.The bug (CVE-2021-21982) ranks 9.1 out of 10 on the CVSS vulnerability-severity scale. The VMware Carbon Black Cloud Workload platform is designed to provide cybersecurity defence for virtual servers and workloads that are hosted on the VMware’s vSphere platform. vSphere is VMware’s cloud-computing virtualization platform.
CVE-2020-9922 can be triggered just by sending a target an email with two .ZIP files attached.
A zero-click security vulnerability in Apple’s macOS Mail would allow a cyber attacker to add or modify any arbitrary file inside Mail’s sandbox environment, leading to a range of attack types.
CVE-2020-9922 is rated 6.5 on the CVSS vulnerability-severity scale, making it medium-severity, but the researcher stressed that successful exploitation could “lead to many bad things.”
Citrix has released security updates to address vulnerabilities in Hypervisor (formerly Xen Server).An attacker could exploit some of these vulnerabilities to cause a denial-of-service condition.
We encourage users and administrators to review Citrix Security Update CTX306565 and apply the necessary updates.
Information for industrial control systems owners, operators, and vendors.
Resources for information sharing and collaboration among government agencies.
Information for system administrators and technical users.
