Security News > 2022 > May > DHS orders federal agencies to patch VMware bugs within 5 days

DHS orders federal agencies to patch VMware bugs within 5 days
2022-05-18 17:38

The Department of Homeland Security's cybersecurity unit ordered Federal Civilian Executive Branch agencies today to urgently update or remove VMware products from their networks by Monday due to an increased risk of attacks.

In April, VMware patched another set of critical vulnerabilities, a remote code execution bug and a 'root' privilege escalation in VMware Workspace ONE Access and VMware Identity Manager.

While today's VMware bugs are not yet exploited in the wild, attackers started exploiting the ones fixed in April within 48 hours after reverse-engineering the update to deploy coinminers and install backdoors.

CISA determined that all these security flaws pose an unacceptable risk to federal agencies and has ordered them to take emergency action to patch them against CVE-2022-22972 and CVE-2022-22973 within 5 days, by May 23.

Find all impacted VMware products on their networks and deploy updates or remove them from the network until they can be patched.

Assume compromise for all Internet-exposed impacted VMware products, conduct threat hunt activities, and report any anomalies to CISA. By 12 PM EDT on Tuesday, all agencies should report the status of all VMware instances found on their networks using Cyberscope.


News URL

https://www.bleepingcomputer.com/news/security/dhs-orders-federal-agencies-to-patch-vmware-bugs-within-5-days/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-05-20 CVE-2022-22973 Unspecified vulnerability in VMWare products
VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability.
local
low complexity
vmware
7.8
2022-05-20 CVE-2022-22972 Unspecified vulnerability in VMWare products
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users.
network
low complexity
vmware
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Vmware 186 83 403 203 107 796