VMware advises: “Patch Me Now!”

Share This Post

Ten vulnerabilities have recently been fixed in patches released by VMware. Products affected include:

VMware Workspace ONE Access (Access)
VMware Workspace ONE Access Connector (Access Connector)
VMware Identity Manager (vIDM)
VMware Identity Manager Connector (vIDM Connector)
VMware vRealize Automation (vRA)
VMware Cloud Foundation
vRealize Suite Lifecycle Manager

One of these vulnerabilities is CVE-2022-31656. While a severity rating has not been assigned to this vulnerability at the time of this writing, it is believed (based on early reports) that this is a variant or patch bypass of CVE-2022-22972, which was patched in May of 2022 and carried a severity rating of 7.5 out of 10.
Petrus Viet, the researcher who discovered this vulnerability, has also reported CVE-2022-31659, a SQL injection flaw that can be exploited to trigger a remote code execution. Some combination of these recent vulnerabilities, which include an authentication bypass and remote code execution, could make for some very nasty and troublesome exploit chains. Patching these vulnerabilities should be at the top of every VMWare administrator’s to-do list.

For the full advisory from VMware, please visit: https://www.vmware.com/security/advisories/VMSA-2022-0021.html



Reach out to our incident response team for help

More To Explore

Information Security News – 6/2/2025

Why Layoffs Increase Cybersecurity Risks Article Link: https://www.helpnetsecurity.com/2025/05/26/layoffs-cybersecurity-risks/ The CISO’s Dilemma: Balancing Access, Security, and Operational Continuity Article Link: https://www.forbes.com/councils/forbestechcouncil/2025/05/27/the-cisos-dilemma-balancing-access-security-and-operational-continuity/ Massive Data Breach Exposes 184

Information Security News – 5/19/2025

Attackers Lace Fake Generative AI Tools With ‘Noodlophile’ Malware Article Link: https://www.darkreading.com/endpoint-security/attackers-fake-generative-ai-tools-malware CISA Reverses Decision on Cybersecurity Advisory Changes Article Link: https://www.infosecurity-magazine.com/news/cisa-reverses-decision-advisory/ FBI Warns That

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.