Rewterz Threat Advisory – CVE-2020-4008 – VMware Carbon Black Cloud macOS Sensor

Rewterz Threat Advisory – CVE-2020-12516 – ICS: WAGO Series 750-88x and 750-352

December 16, 2020

Rewterz Threat Alert – APT-C-27 Raddex Family Malicious Android APK

December 16, 2020

Rewterz Threat Advisory – CVE-2020-4008 – VMware Carbon Black Cloud macOS Sensor

Severity

Low

Analysis Summary

CVE-2020-4008

A malicious actor who has local access to the endpoint on which a macOS sensor is going to be installed, may overwrite a limited number of files with output from the sensor installation. The malicious actor would have to trick a victim to install malware in order to obtain such access. Exploitation of this issue can only occur at a specific point of time during the installation process and depends on specific conditions.

Impact

Insecure file handling

Affected Vendors

VMware

Affected Products

VMware Carbon Black Cloud macOS Sensor

Remediation

Refer to vendor advisory for the complete list of affected products and their respective patches.

https://www.vmware.com/security/advisories/VMSA-2020-0028.html

Rewterz Threat Advisory – CVE-2020-12516 – ICS: WAGO Series 750-88x and 750-352

Rewterz Threat Alert – APT-C-27 Raddex Family Malicious Android APK

Rewterz Threat Advisory – CVE-2020-4008 – VMware Carbon Black Cloud macOS Sensor

Severity

Analysis Summary

CVE-2020-4008

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan