High severity vulnerabilities can be exploited to gain escalated privileges in Windows Defender Credential Guard, and VMware while a critical vulnerability in GitLab can be exploited to execute remote commands.
(Sign up to our Technology newsletter, Today’s Cache, for insights on emerging themes at the intersection of technology, business and policy. Click here to subscribe for free.)
The vulnerability notes were released by the Computer Emergency Response Team (CERT-In) on Wednesday.
In Windows Defender Credential Guard
The high severity vulnerability reported in Windows Defender can be exploited by a local authenticated attacker by escalating their privileges, thereby bypassing security restrictions.
Successful exploitation can compromise the security of the affected systems.
The vulnerability in Windows Defender exists due to a flaw in the credential guard component.
Windows Defender credential guard is a critical component of the software that secures the operating system by isolating users’ login information from the rest of the OS.
In VMware tools
High severity vulnerabilities have been detected in VMware tools that affect Windows and Linux versions.
The vulnerability can reportedly be used by a local authenticated attacker to escalate privileges as a root user. This escalation can allow attackers to gain access to critical components of the OS, thereby compromising their security.
The vulnerability reportedly exists in VMware tools due to improper security restrictions, allowing attackers to escalate their privileges on the affected systems.
A critical remote command execution vulnerability has been reported in GitLab, an open-source code repository and software development platform.
The vulnerability in GitLab exists due to improper input validation within the import from GitHub API endpoint.
It can be exploited by a remote user to pass specially crafted data to the application and execute arbitrary commands, thereby compromising the security of affected systems.
Application of security patch available on Microsoft’s security bulletin, VMware, and GitLab’s website is suggested to fix the vulnerability.