Security News > 2022 > May > Exploit released for critical VMware auth bypass bug, patch now
Proof-of-concept exploit code is now available online for a critical authentication bypass vulnerability in multiple VMware products that allows attackers to gain admin privileges.
VMware released security updates to address the CVE-2022-22972 flaw affecting Workspace ONE Access, VMware Identity Manager, or vRealize Automation.
"This critical vulnerability should be patched or mitigated immediately per the instructions in VMSA-2021-0014," VMware warned last week.
In April, VMware has patched two more critical vulnerabilities, a remote code execution bug and a 'root' privilege escalation in VMware Workspace ONE Access and VMware Identity Manager.
Although the CVE-2022-22972 VMware auth bypass is not yet exploited in the wild, attackers have started abusing the ones addressed in April within 48 hours to backdoor vulnerable systems and deploy coin miners.
"CISA expects threat actors to quickly develop a capability to exploit these newly released vulnerabilities in the same impacted VMware products," the cybersecurity agency said.
News URL
Related news
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
- Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw (source)
- Hackers exploit WordPress plugin auth bypass hours after disclosure (source)
- ASUS warns of critical auth bypass flaw in routers using AiCloud (source)
- PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433) (source)
- Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised (source)
- ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More (source)
- Apache Parquet exploit tool detect servers vulnerable to critical flaw (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-20 | CVE-2022-22972 | Unspecified vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. | 9.8 |