Security News > 2022 > April > Critical VMware Workspace ONE Access Flaw Under Active Exploitation in the Wild

Critical VMware Workspace ONE Access Flaw Under Active Exploitation in the Wild
2022-04-14 20:14

A week after VMware released patches to remediate eight security vulnerabilities in VMware Workspace ONE Access, threat actors have begun to actively exploit one of the critical flaws in the wild.

Tracked as CVE-2022-22954, the critical issue relates to a remote code execution vulnerability that stems from server-side template injection in VMware Workspace ONE Access and Identity Manager.

Cybersecurity firm Bad Packets also corroborated that it detected attempts to weaponize the vulnerability.

It's worth noting that the patches shipped last week address seven more vulnerabilities in VMware Workspace ONE Access, VMware Identity Manager, VMware vRealize Automation, VMware Cloud Foundation, and vRealize Suite Lifecycle Manager, four of which are rated Critical, two are rated Important, and one is rated Moderate.

In light of recurring exploitation of VMWare products by nation-state groups and cyber criminal actors, it's recommended that users move quickly to upgrade to the latest version.

"This critical vulnerability should be patched or mitigated immediately," VMware cautioned last week.


News URL

https://thehackernews.com/2022/04/vmware-releases-patches-for-critical.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-04-11 CVE-2022-22954 Code Injection vulnerability in VMWare products
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection.
network
low complexity
vmware CWE-94
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Vmware 146 11 222 256 102 591