CVE-2018-6968
First published: Mon Jun 11 2018(Updated: )
The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator.
Credit: security@vmware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Vmware Airwatch Agent | <6.5.2 | |
| Vmware Airwatch Agent | <8.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-6968?
CVE-2018-6968 is classified as a critical vulnerability due to its potential for remote code execution.
How do I fix CVE-2018-6968?
To fix CVE-2018-6968, you should update the VMware AirWatch Agent for Android to version 8.2 or later, and for Windows Mobile to version 6.5.2 or later.
What does CVE-2018-6968 affect?
CVE-2018-6968 affects the VMware AirWatch Agent for Android prior to version 8.2 and for Windows Mobile prior to version 6.5.2.
What type of vulnerability is CVE-2018-6968?
CVE-2018-6968 is a remote code execution vulnerability that allows unauthorized file creation and execution.
Can CVE-2018-6968 lead to data breaches?
Yes, CVE-2018-6968 can potentially lead to data breaches if exploited, as it allows unauthorized access to files within the Agent sandbox.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/author
- agent/references
- agent/severity
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- vendor/vmware
- canonical/vmware airwatch agent