Security News > 2022 > May > Researchers to release exploit for new VMware auth bypass, patch now
Proof-of-concept exploit code is about to be published for a vulnerability that allows administrative access without authentication in several VMware products.
Security researchers at attack surface assessment company Horizon3 announced today that they managed to create a working proof-of-concept exploit code for CVE-2022-22972 and will be releasing a technical report shortly.
The severity of the vulnerability has been further highlighted by the U.S. Cybersecurity and Infrastructure Security Agency in an emergency directive published on the same day VMware released the fix for CVE-2022-22972.
A set of critical vulnerabilities that VMware patched in April started to be exploited in the wild just 48 hours after the company released an alert and the corresponding fixes, to install cryptocurrency miners and backdoors.
Horizon3 previously released exploit code for CVE-2022-1388 - a critical vulnerability that allows remote code execution in F5 BIG-IP networking devices.
Just like with the upcoming exploit release for the VMware vulnerability, the researchers strongly recommended admins to patch their vulnerable F5 appliances.
News URL
Related news
- Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution (source)
- Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques (source)
- Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices (source)
- Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions (source)
- Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits (source)
- Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft (source)
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)
- Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability (source)
- Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software (source)
- Hackers exploit authentication bypass in Palo Alto Networks PAN-OS (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-20 | CVE-2022-22972 | Unspecified vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. | 9.8 |
| 2022-05-05 | CVE-2022-1388 | Unspecified vulnerability in F5 products On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. | 0.0 |