![]() ![]() “This critical vulnerability should be patched or mitigated immediately per the instructions in VMSA-2021-0014. It was independently reported to the vendor by Kai Zhao of ToTU Security Team and Steven Yu. The second bug, tracked as CVE-2022-22973 and rated “high severity,” has been described as a local privilege escalation issue. The security hole was reported to VMware by Bruno López of Innotec Security. One of them, identified as CVE-2022-22972 and rated “critical,” can be exploited by an attacker with network access to the UI to bypass authentication and obtain admin access. On Wednesday, VMware released a new advisory to inform customers about two new vulnerabilities affecting Workspace ONE Access, Identity Manager and vRealize Automation. “Additionally, CISA has received information about observed exploitation of CVE-2022-22954 and CVE-2022-22960 by multiple threat actors at multiple other large organizations from trusted third parties.” “CISA has deployed an incident response team to a large organization where the threat actors exploited CVE-2022-22954,” CISA said. Attackers developed an exploit within 48 hours and the cybersecurity agency had instructed federal agencies to patch the flaws by May 5 and May 6. Initial reports only named CVE-2022-22954 as being exploited in the wild, but several cybersecurity firms later observed attacks chaining the vulnerability with CVE-2022-22960 for privilege escalation.ĬISA said on Wednesday that the vulnerabilities have been exploited - both separately and chained - by what appear to be APT actors. They affect VMware Workspace ONE Access, Identity Manager, and vRealize Automation, and they were patched in early April.īoth vulnerabilities were reported to VMware by Steven Seeley of the Qihoo 360 Vulnerability Research Institute. The actively exploited vulnerabilities are tracked as CVE-2022-22954 and CVE-2022-22960, and they allow remote code execution and privilege escalation, respectively. The US Cybersecurity and Infrastructure Security Agency (CISA) has warned organizations about two actively exploited VMware product vulnerabilities, and the agency believes two other freshly patched flaws will also be exploited soon. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |