VMware Patched Multiple Vulnerabilities Across Different Products

VMware has recently fixed multiple security vulnerabilities, including a critical authentication bypass issue across different products. The firm urges the users to update their devices at the earliest.

Critical Authentication Bypass And RCE Flaws

Security researcher Petrus Viet discovered two severe vulnerabilities affecting multiple VMware products. These include a critical-severity authentication bypass vulnerability allowing an adversary to take over the target system.

Apart from this critical vulnerability, the researcher also found another security flaw in VMware products, as mentioned in his tweet.

While he hasn’t shared the details of both vulnerabilities yet, VMware has released brief disclosures in a detailed advisory, which also mentions numerous other bugs.

According to the advisory, the authentication bypass vulnerability, CVE-2022-31656, affected the VMware Workspace ONE Access, Identity Manager, and vRealize Automation. As described, this vulnerability impacted the local domain users, enabling an attacker with network access to the UI to gain admin privileges without authentication.

The second vulnerability that Viet discovered, CVE-2022-31659, affected the VMware Workspace ONE Access and Identity Manager. VMware has marked it as an important severity vulnerability that attained a CVSS score of 8.0. This vulnerability could allow an attacker with network and admin access to execute codes.

Other VMware Vulnerabilities

Alongside these vulnerabilities, VMware also fixed numerous other security issues affecting VMware Workspace ONE Access, Identity Manager, and vRealize Automation. (The CVE-2022-31662 also affected VMware Connectors.) These include,

  • CVE-2022-31658 (CVSS 8.0): important severity remote code execution vulnerability.
  • CVE-2022-31660 (CVSS 7.8): important severity local privilege escalation.
  • CVE-2022-31661 (CVSS 7.8): important severity local privilege escalation.
  • CVE-2022-31664 (CVSS 7.8): important severity local privilege escalation.
  • CVE-2022-31665 (CVSS 7.6): important severity remote code execution vulnerability.
  • CVE-2022-31657 (CVSS 5.9): moderate severity URL injection vulnerability allowing an attacker with network access to redirect users to arbitrary domains.
  • CVE-2022-31662 (CVSS 5.3): moderate severity path traversal vulnerability exposing arbitrary files to an attacker with network access.
  • CVE-2022-31663 (CVSS 4.7): moderate severity reflected cross-site scripting vulnerability.

VMware has shared the details about the fixed releases for the affected products in their advisory. Hence, users must go through the list and update their systems accordingly to avoid malicious exploitation.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients