Published: 10/05/2017 Updated: 03/10/2019

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vmware airwatch inbox -
vmware airwatch agent -

VMware's enterprise mobility management tool can p0wn itself

The Register • Simon Sharwood • 31 Jan 2017

AirWatch's Android app and Agent need an update, stat

VMware's AirWatch enterprise mobility management service has two flaws that means the software needs ran update ASAP. In an emailed security advisory, VMware warns that “Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection during enrollment.” “Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data.” The second flaw means “Airwatch Inbox for Android c...

CVE-2017-4895

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect