Updated May 27, 2022
New proof-of-concept exploit code has been posted for a critical authentication bypass vulnerability in multiple VMware products. The exploit lets hackers gain admin privileges. VMware has released security updates and patch instructions that address the CVE-2022-22972 flaw, which affects VMware Workspace ONE Access, VMware Identity Manager (vIDM), and vRealize Automation. VMware also posted temporary workaround instructions for admins unable to immediately patch vulnerable appliances. The workaround requires that all users are disabled except for one provisioned administrator.
Stay tuned for updates.
________________________
VMware is the virtualization technology leader in terms of market share. That’s why we wanted to share this emergency directive and related advisory as soon as we saw it. The Cybersecurity and Infrastructure Security Agency (CISA) issued the emergency directive and released its advisory in response to the active and expected further exploitation of multiple vulnerabilities found in specific VMware products:
- VMware Workspace ONE Access (Access)
- VMware Identity Manager (vIDM)
- VMware vRealize Automation (vRA)
- VMware Cloud Foundation
- vRealize Suite Lifecycle Manager
If you have any of these products deployed within your infrastructure, you need to take action now.
In the alert, CISA says that the vulnerabilities patched by the VMware updates released on April 6 this year were exploited by malicious actors within 48 hours of the release. The hackers were able to reverse engineer the updates and immediately started to exploit the vulnerabilities in unpatched devices.
VMware has responded with an advisory that describes the vulnerabilities and provides guidance for response and remediation. CISA has posted its emergency directive to notify government agencies, and organizations that work with those agencies, of the steps they need to take to mitigate the vulnerability.
We’ll share updates as they are made available. If you have questions, please contact us.