VMware Security Advisory VMSA-2022-0008 Carbon Black Software
If you are running VMware Carbon Black, there are several critical security updates. They all have a CVSSv3 rating of 9.1. These updates fix the following issues (1) OS command injection vulnerability in VMware Carbon Black App Control (CVE-2022-22951) and (2) File upload vulnerability in VMware Carbon Black App Control (CVE-2022-22952).
Multiple vulnerabilities in VMware Carbon Black App Control were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.
Update your system as soon as you can.