VMware has recently fixed multiple security vulnerabilities, including a critical authentication bypass issue across different products. The firm urges the users to update their devices at the earliest.
Critical Authentication Bypass And RCE Flaws
Security researcher Petrus Viet discovered two severe vulnerabilities affecting multiple VMware products. These include a critical-severity authentication bypass vulnerability allowing an adversary to take over the target system.
Apart from this critical vulnerability, the researcher also found another security flaw in VMware products, as mentioned in his tweet.
I have found vulnerabilities CVE-2022-31656 and CVE-2022-31659 leading to unauthenticated remote code execution affecting many #VMware products, such as Workspace ONE. Technical writeup and POC soon to follow.
— Petrus Viet (@VietPetrus) August 2, 2022
While he hasn’t shared the details of both vulnerabilities yet, VMware has released brief disclosures in a detailed advisory, which also mentions numerous other bugs.
According to the advisory, the authentication bypass vulnerability, CVE-2022-31656, affected the VMware Workspace ONE Access, Identity Manager, and vRealize Automation. As described, this vulnerability impacted the local domain users, enabling an attacker with network access to the UI to gain admin privileges without authentication.
The second vulnerability that Viet discovered, CVE-2022-31659, affected the VMware Workspace ONE Access and Identity Manager. VMware has marked it as an important severity vulnerability that attained a CVSS score of 8.0. This vulnerability could allow an attacker with network and admin access to execute codes.
Other VMware Vulnerabilities
Alongside these vulnerabilities, VMware also fixed numerous other security issues affecting VMware Workspace ONE Access, Identity Manager, and vRealize Automation. (The CVE-2022-31662 also affected VMware Connectors.) These include,
- CVE-2022-31658 (CVSS 8.0): important severity remote code execution vulnerability.
- CVE-2022-31660 (CVSS 7.8): important severity local privilege escalation.
- CVE-2022-31661 (CVSS 7.8): important severity local privilege escalation.
- CVE-2022-31664 (CVSS 7.8): important severity local privilege escalation.
- CVE-2022-31665 (CVSS 7.6): important severity remote code execution vulnerability.
- CVE-2022-31657 (CVSS 5.9): moderate severity URL injection vulnerability allowing an attacker with network access to redirect users to arbitrary domains.
- CVE-2022-31662 (CVSS 5.3): moderate severity path traversal vulnerability exposing arbitrary files to an attacker with network access.
- CVE-2022-31663 (CVSS 4.7): moderate severity reflected cross-site scripting vulnerability.
VMware has shared the details about the fixed releases for the affected products in their advisory. Hence, users must go through the list and update their systems accordingly to avoid malicious exploitation.