
WARNING: VMWARE PRODUCTS VULNERABLE TO AUTHENTICATION BYPASS

Reference: Advisory #2022-037
Version: 1.0
Affected software: Workspace ONE Assist, versions 21.x and 22.x
Type: Authentication Bypass (CVE-2022-31685), broken authentication method (CVE-2022-31686) and broken authentication control (CVE-2022-31687)
CVE/CVSS:

CVE-2022-31685 (CVSSv3: 9.8/10)

CVE-2022-31686 (CVSSv3: 9.8/10)

CVE-2022-31687 (CVSSv3: 9.8/10)

Sources

https://www.vmware.com/security/advisories/VMSA-2022-0028.html
https://kb.vmware.com/s/article/89993

Risks

The attacks that a malicious actor can conduct by exploiting any of these three vulnerabilities are of low complexity and don’t require user interaction.

An attacker with network access to Workspace ONE Assist can obtain administrative access without having to authenticate to the application.

Recommended actions

The Centre for Cyber Security Belgium recommends that administrators of VMware systems check if their devices are affected according to the respective security advisories.

Since an update is available (Workspace ONE Assist 22.10, KB article 89993), we urge administrators to prioritize patching these devices as soon as possible.

References

https://www.bleepingcomputer.com/news/security/vmware-fixes-three-critical-auth-bypass-bugs-in-remote-access-tool/?&web_view=true
https://www.cybersecurity-help.cz/vdb/SB2022110828
https://thehackernews.com/2022/11/vmware-warns-of-3-new-critical-flaws.html