VMware discloses critical zero-day vulnerability in Workspace One

VMware has released a workaround to address a critical zero-day in multiple VMware Workspace One components that allows attackers to execute commands on the host Linux and Windows operating systems using escalated privileges.
The vulnerability tracked as CVE-2020-4006 is a command injection bug - with a 9.1/10 CVSSv3 severity rating - found in the administrative configurator of some releases of VMware Workspace ONE Access, Access Connector, Identity Manager, and Identity Manager Connector.
While VMware is still working on releasing security updates to address the zero-day vulnerability, the company does provide admins with a temporary workaround designed to fully remove the attack vector on affected systems and prevent exploitation of CVE-2020-4006.
"Impacts are limited to functionality performed by this service," VMware adds.
Full details on how to implement and revert the workarounds on Linux-based appliances and Windows-based servers are available HERE. The Cybersecurity and Infrastructure Security Agency also urges admins and users to apply the workarounds issued by VMware to block attackers from potentially taking over impacted systems.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-11-23 | CVE-2020-4006 | OS Command Injection vulnerability in VMware products: VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector have a command injection vulnerability. | 9.1 |