VMware security updates published for its AirWatch Agent that affected by critical remote code execution vulnerability.
VMware is a virtualization software which is installed on the physical server to allow for multiple virtual machines (VMs) to run on the same physical server.
This critical vulnerability discovered in VMware AirWatch Agent a division of virtualization vendor VMware.
It helps IT administrators deploy, secure and manage mobile devices, applications, and data, as well as Windows 10 and Apple Mac computers.
AirWatch Agent RCE Affected Platform
This Critical RCE vulnerability affects both VMware AirWatch Agent for Android (A/W Agent) & VMware AirWatch Agent for Windows Mobile (A/W Agent).
According to VMware, Android and Windows Mobile devices contain a remote code execution vulnerability in real time File Manager capabilities.
Also, this vulnerability leads to unauthorized creation and execution of files in the Agent sandbox also in other publicly accessible directories.
Mitigations
