VMware Issues Patches for Critical Flaws Affecting Carbon Black App Control

The Hacker News

VMware on Wednesday released software updates to plug two critical security vulnerabilities affecting its Carbon Black App Control platform that could be abused by a malicious actor to execute arbitrary code on affected installations in Windows systems.
Tracked as CVE-2022-22951 and CVE-2022-22952, both the flaws are rated 9.1 out of a maximum of 10 on the CVSS vulnerability scoring system.