CVE-2020-4008
N/A
N/A
Summary
The installer of the macOS Sensor for VMware Carbon Black Cloud (prior to 3.5.1) handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which a macOS sensor is going to be installed, may overwrite a limited number of files with output from the sensor installation.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | VMware Carbon Black Cloud macOS Sensor | VMware Carbon Black Cloud macOS Sensor (prior to 3.5.1) | affected |
Weaknesses
- VMware Carbon Black Cloud macOS Sensor installer file overwrite issue
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.