Project Hyphae

VMware advises: “Patch Me Now!”

Share This Post

Ten vulnerabilities have recently been fixed in patches released by VMware. Products affected include:

VMware Workspace ONE Access (Access)
VMware Workspace ONE Access Connector (Access Connector)
VMware Identity Manager (vIDM)
VMware Identity Manager Connector (vIDM Connector)
VMware vRealize Automation (vRA)
VMware Cloud Foundation
vRealize Suite Lifecycle Manager

One of these vulnerabilities is CVE-2022-31656. While a severity rating has not been assigned to this vulnerability at the time of this writing, it is believed (based on early reports) that this is a variant or patch bypass of CVE-2022-22972, which was patched in May of 2022 and carried a severity rating of 7.5 out of 10.
Petrus Viet, the researcher who discovered this vulnerability, has also reported CVE-2022-31659, a SQL injection flaw that can be exploited to trigger a remote code execution. Some combination of these recent vulnerabilities, which include an authentication bypass and remote code execution, could make for some very nasty and troublesome exploit chains. Patching these vulnerabilities should be at the top of every VMWare administrator’s to-do list.

For the full advisory from VMware, please visit: https://www.vmware.com/security/advisories/VMSA-2022-0021.html

More To Explore

The Teams Call is Coming from Inside the House

Researchers at Vectra stumbled across some genuinely troubling design flaws in Microsoft Teams.  Essentially, Teams stores authentication tokens in plaintext capable of granting access to

When Oktapuses Attack

Group-IB, a Singapore based security and threat research company, identified a multiphase smishing (I really hate that word) campaign complete with MFA capture. The campaign

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.