Critical VMware Workspace ONE Access Flaw Actively Exploited

Within a few days of VMware releasing patches for eight security flaws in Workspace ONE Access, threat actors began actively exploiting one of them.


The most serious of the flaws is CVE-2022-22954, a remote code execution vulnerability in VMware Workspace ONE Access and Identity Manager, with a severity rating of 9.8.


"When a malicious actor has network access, they can trigger a server-side template injection that may result in remote code execution," the company stated in its advisory.


Following confirmed exploitation of CVE-2022-22954 in the wild, the virtualization services provider has since revised its bulletin to warn customers. Cybersecurity firm Bad Packets reports that attempts to weaponize the vulnerability have been detected.



The patches released last week also address seven additional vulnerabilities, four of which are rated critical and two important. These vulnerabilities affect VMware Workspace ONE Access, VMware Identity Manager, VMware vRealize Automation and vRealize Suite Lifecycle Manager.


Because VMware products are frequently exploited by nation-state groups and cybercriminal actors, users are encouraged to upgrade as soon as possible.


"This critical vulnerability should be patched or mitigated immediately," VMware warned last week. "The consequences of this weakness are dire."
