VMware reports four new vulnerabilities in vRealize Operations, for which updated software with fixes is available. In addition, in an update to an older security advisory, the manufacturer warns that exploit code for the vulnerability described there is publicly available.
Newly discovered vulnerabilities
The newly reported vulnerabilities affect VMware vRealize Operations. They can allow malicious actors with administrative network access to elevate their privileges to root (CVE-2022-31672, CVSS 7.2, risk “High”). In addition, low-privilege attackers can obtain information they are not authorized to see and subsequently execute arbitrary code remotely (CVE-2022-31673, CVSS 6.5, medium).
Another vulnerability could allow low-privilege attackers to access information (CVE-2022-31674, CVSS 6.5, medium). The final vulnerability is that an unregistered user can create an administrative account (CVE-2022-31675, CVSS 5.6, medium). Version 8.6.4 of vRealize Operations fixes the bugs, the manufacturer explains in its security advisory.
VMware had already published the updates on Friday of last week and warned that quick action was of the utmost importance. The warning turned out to be justified: the manufacturer has now added a note to the security advisory stating that exploit code has become public.
The exploit targets a vulnerability in VMware Workspace ONE Access, Identity Manager and vRealize Automation that allows malicious actors with network access to the user interface to obtain administrative access without authentication (CVE-2022-31656, CVSS 9.8, critical).
VMware administrators should install the available updates quickly. Cybercriminals now adopt available exploit code within a very short time. In addition, VMware installations are increasingly being targeted by attackers.