CVE-2021-22038
VMware InstallBuilder vulnerability analysis and mitigation

Overview

CVE-2021-22038 is a binary planting vulnerability affecting InstallBuilder Windows uninstallers. The vulnerability was discovered and disclosed in October 2021. The issue affects InstallBuilder versions prior to 21.6.0 on Windows systems (InstallBuilder Blog).

Technical details

The vulnerability occurs when the uninstaller binary copies itself to a fixed temporary location for execution on Windows systems. That temporary location is not randomized, and access to it is not restricted to Administrators only, which creates a security weakness in the uninstallation process (InstallBuilder Blog).
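The hardened form of the self-copy step described above, as an added example (not InstallBuilder's code and not its actual fix): the copy is staged in a randomly named, owner-only directory, a pre-existing file at the destination is refused, and the copy is verified before use. Assumptions: POSIX owner and mode bits stand in for an Administrators-only ACL on Windows, and the function names and the `uninst-` prefix are hypothetical.

```python
import hashlib
import os
import shutil
import stat
import tempfile


def sha256_of(path):
    """Hex SHA-256 of a file, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def staging_dir_problems(path):
    """List reasons a directory is unsafe to stage an executable in.

    Assumption: POSIX owner/mode bits stand in for a Windows ACL check.
    """
    problems = []
    st = os.lstat(path)  # lstat: do not follow a planted symlink
    if not stat.S_ISDIR(st.st_mode):
        problems.append("not a real directory")
    if st.st_uid != os.geteuid():
        problems.append("owned by another user")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        problems.append("writable by group or others")
    return problems


def stage_copy(src, prefix="uninst-"):
    """Copy src into a fresh private directory and return the staged path."""
    # mkdtemp picks a random name and creates the directory atomically with
    # mode 0700, so the path cannot be predicted or pre-created by another user.
    staging = tempfile.mkdtemp(prefix=prefix)
    problems = staging_dir_problems(staging)
    if problems:
        raise PermissionError(f"{staging}: {', '.join(problems)}")
    dst = os.path.join(staging, os.path.basename(src))
    # O_EXCL fails if a file already exists at dst instead of reusing it.
    fd = os.open(dst, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o700)
    with os.fdopen(fd, "wb") as out, open(src, "rb") as inp:
        shutil.copyfileobj(inp, out)
    # Use the copy only if it is byte-identical to the original.
    if sha256_of(dst) != sha256_of(src):
        raise RuntimeError("staged copy does not match source")
    return dst
```

`staging_dir_problems` can also be pointed at an existing fixed staging directory to see why it would be rejected.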

Impact

If successfully exploited, an attacker could plant a malicious binary to replace the copied uninstaller binary before it gets executed, allowing code execution with the security scope of the uninstaller (InstallBuilder Blog).

Mitigation and workarounds

The vulnerability was fixed in InstallBuilder version 21.6.0. Affected customers are advised to update to InstallBuilder 21.6.0 or later and to release new versions of their installers (InstallBuilder Blog).

Community reactions

The vulnerability was discovered and reported by the Lockheed Martin Red Team and Zscaler, who also assisted in testing the fixes (InstallBuilder Blog).

This report was generated using AI.

Related VMware InstallBuilder vulnerabilities:

| CVE ID | Severity | Score | Technologies | Component name | CISA KEV exploit | Has fix | Published date |
|---|---|---|---|---|---|---|---|
| CVE-2021-22038 | HIGH | 8.8 | VMware InstallBuilder | cpe:2.3:a:vmware:installbuilder | No | Yes | Oct 29, 2021 |
| CVE-2021-22037 | HIGH | 7.8 | VMware InstallBuilder | cpe:2.3:a:vmware:installbuilder | No | Yes | Oct 29, 2021 |
| CVE-2020-3946 | HIGH | 7.5 | VMware InstallBuilder | cpe:2.3:a:vmware:installbuilder | No | Yes | Apr 20, 2020 |
