CVE-2018-6968
CRITICALVMware AirWatch Agent < 6.5.2 and < 8.2 - Remote Code Execution via File Manager
Title source: llmDescription
The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2018-0015.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/104441
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1041060
Scores
CVSS v3
10.0
EPSS
0.0950
EPSS Percentile
92.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Details
Status
published
Products (2)
vmware/airwatch_agent
< 6.5.2
vmware/airwatch_agent
< 8.2
Published
Jun 11, 2018
Tracked Since
Feb 18, 2026