3 matches found
CVE-2020-4008
The installer of the macOS Sensor for VMware Carbon Black Cloud prior to 3.5.1 handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which a macOS sensor is going to be installed, may overwrite a limited number of files with output from the sensor...
CVE-2020-4008
CVE-2020-4008 concerns the macOS Sensor for VMware Carbon Black Cloud prior to version 3.5.1, where the installer handles certain files insecurely. This vulnerability could allow a local attacker with access to the endpoint to overwrite a limited set of files with output from the sensor installat...
VMware Carbon Black Cloud macOS Sensor installer updates address file overwrite issue (CVE-2020-4008)
3. VMware Carbon Black Cloud macOS Sensor installer file overwrite issue CVE-2020-4008 The installer of the macOS Sensor for VMware Carbon Black Cloud handles certain files in an insecure way. VMware has evaluated the severity of this issue to be in the Low severity range with a CVSSv3 base score...