CyberSec.Space Logo
Back to CVE Browser

CVE-2018-6968

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1660%
EPSS Percentile7.17th
PublishedJun 11, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator.

Affected Platforms (CPE)

πŸ“¦
Vmware

Airwatch Agent

< 6.5.2
πŸ“¦
Vmware

Airwatch Agent

< 8.2

References & Advisories

πŸ”— http://www.securityfocus.com/bid/104441
πŸ”— http://www.securitytracker.com/id/1041060
πŸ”— http://www.vmware.com/security/advisories/VMSA-2018-0015.html
πŸ”— http://www.securityfocus.com/bid/104441
πŸ”— http://www.securitytracker.com/id/1041060
πŸ”— http://www.vmware.com/security/advisories/VMSA-2018-0015.html

Related Vulnerabilities

CVE-2017-48958.8

Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of t...

CVE-2018-69755.5

The AirWatch Agent for iOS prior to 5.8.1 contains a data protection vulnerability whereby the files and keychain entries in the A...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...