Security News > 2022 > November > VMware fixes three critical auth bypass bugs in remote access tool

VMware has released security updates to address three critical severity vulnerabilities in the Workspace ONE Assist solution that enable remote attackers to bypass authentication and elevate privileges to admin.
Workspace ONE Assist provides remote control, screen sharing, file system management, and remote command execution to help desk and IT staff remotely access and troubleshoot devices in real time from the Workspace ONE console.
"A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application," VMware describes the three security bugs.
All vulnerabilities patched today have been found and reported to VMware by Jasper Westerman, Jan van der Put, Yanick de Pater, and Harm Blankers of REQON IT-Security.
In August, VMware warned admins to patch another critical authentication bypass security flaw in VMware Workspace ONE Access, Identity Manager, and vRealize Automation, enabling unauthenticated attackers to gain admin privileges.
In May, VMware patched an almost identical critical vulnerability, another authentication bypass found by Bruno López of Innotec Security in Workspace ONE Access, VMware Identity Manager, and vRealize Automation.
News URL
Related news
- Kimsuky hackers use new custom RDP Wrapper for remote access (source)
- Juniper patches critical auth bypass in Session Smart routers (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)
- Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution (source)
- Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches (source)
- GitLab patches critical authentication bypass vulnerabilities (source)
- New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking (source)
- Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks (source)
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
- Critical flaw in Next.js lets hackers bypass authorization (source)