VMware Rolls a Fix for Formerly Critical Zero-Day Bug

VMware has patched a zero-day bug that was disclosed in late November – an escalation-of-privileges flaw that impacts Workspace A single and other platforms, for both of those Windows and Linux functioning methods.

VMware has also revised the CVSS severity score for the bug to “important,” down from critical.

The U.S. Cybersecurity and Infrastructure Security Company (CISA) experienced initially flagged the unpatched security vulnerability on Nov. 23, which has an effect on 12 VMware variations across its Cloud Basis, Id Manager, vRealize Suite Lifecycle Manager and Workspace Just one portfolios. It was documented to the firm by the Nationwide Security Agency (NSA).

Tracked as CVE-2020-4006, the bug permits command injection, in accordance to the company’s advisory.

“A destructive actor with network access to the administrative configurator on port 8443 and a valid password for the configurator admin account can execute commands with unrestricted privileges on the underlying running system,” VMware wrote in an updated advisory on Thursday.

Though the bug was originally provided a 9.1 out of 10 on the CVSS severity scale, even further investigation confirmed that any attacker would have to have the password pointed out in the update, producing it considerably more difficult to exploit efficiently. Its ranking is now 7.2, producing it “important” rather than “critical.”

“This account is inner to the impacted products and solutions and a password is established at the time of deployment,” according to the advisory. “A destructive actor ought to possess this password to attempt to exploit CVE-2020-4006.”

The password would have to have to be obtained through strategies like phishing or brute forcing/credential stuffing, it extra.

When the vulnerability was disclosed in November, the business issued workarounds “for a temporary answer to reduce exploitation of CVE-2020-4006,” with the tradeoff that configurator-managed environment changes are possible though the workaround is in location. Nonetheless, a whole patch is now readily available.

The solutions impacted by the vulnerability are:

• VMware Workspace Just one Accessibility (Obtain)
• VMware Workspace One Access Connector (Access Connector)
• VMware Identification Supervisor (vIDM)
• VMware Id Supervisor Connector (vIDM Connector)
• VMware Cloud Foundation
• vRealize Suite Lifecycle Manager

Variations impacted are:

• VMware Workspace One Obtain 20.01, 20.10 (Linux)
• VMware Id Supervisor 3.3.3, 3.3.2, 3.3.1 (Linux)
• VMware Id Manager Connector 3.3.2, 3.3.1 (Linux)
• VMware Id Supervisor Connector 3.3.3, 3.3.2, 3.3.1 (Windows)
• VMware Cloud Basis 4.x (Linux and Windows)
• vRealize Suite Lifecycle Manager 8.x (Linux and Windows)

There have been no reviews of exploitation in the wild.

Put Ransomware on the Run: Save your spot for “What’s Following for Ransomware,” a FREE Threatpost webinar on Dec. 16 at 2 p.m. ET. Find out what is coming in the ransomware entire world and how to combat back. 

Get the latest from John (Austin) Merritt, Cyber Risk Intelligence Analyst at Electronic Shadows, and Israel Barak, CISO at Cybereason, on new kinds of attacks. Topics will include things like the most unsafe ransomware threat actors, their evolving TTPs and what your group demands to do to get ahead of the future, unavoidable ransomware attack. Sign-up here for the Wed., Dec. 16 for this LIVE webinar.