CVE-2023-20858: 
VMware Carbon Black EDR vulnerability analysis and mitigation

VMware Carbon Black App Control versions 8.7.x prior to 8.7.8, 8.8.x prior to 8.8.6, and 8.9.x prior to 8.9.4 contain a critical injection vulnerability identified as CVE-2023-20858. The vulnerability was privately reported to VMware by security researcher Jari Jääskelä and was disclosed on February 21, 2023. The vulnerability has received a critical CVSS v3.1 base score of 9.1, indicating its severe nature (VMware Advisory, NVD).

The vulnerability is classified as an injection vulnerability (CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component). It has been assigned a CVSS v3.1 vector of CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H, indicating that it is network-accessible, requires high privileges, but no user interaction, and can potentially impact confidentiality, integrity, and availability (NVD).

If successfully exploited, this vulnerability allows a malicious actor with privileged access to the App Control administration console to gain access to the underlying server operating system through specially crafted input. The critical severity rating and high CVSS score indicate potential for significant system compromise (Hacker News, Help Net Security).

VMware has released security updates to address this vulnerability. Users are advised to upgrade to the fixed versions: 8.7.8 for 8.7.x installations, 8.8.6 for 8.8.x installations, and 8.9.4 for 8.9.x installations. No workarounds are available, making the update the only viable solution (VMware Advisory).