
VMWare Urges Users to Patch Critical Authentication Bypass Bug

August 3, 2022

The vulnerability, for which a proof-of-concept is forthcoming, is one of a string of flaws the company fixed that could lead to an attack chain.

VMware and security researchers alike are urging customers to patch a number of products affected by a critical authentication bypass vulnerability that can allow an attacker to gain administrative access to a system as well as exploit other flaws.

The bug, tracked as CVE-2022-31656, earned a rating of 9.8 on the CVSS and is one of a number of fixes the company made across several products in an update released on Tuesday for flaws that could easily become an exploit chain, researchers said.


CVE-2022-31656 is also by far the most dangerous of these vulnerabilities, and will likely become more so, as the researcher who discovered it, Petrus Viet of VNG Security, has promised in a tweet that a proof-of-concept exploit for the bug is "soon to follow," experts said.


This adds urgency to the need for organizations affected by the flaw to patch now, researchers said.

“Given the prevalence of attacks targeting VMware vulnerabilities and a forthcoming proof-of-concept, organizations need to make patching CVE-2022-31656 a priority,” Claire Tillis, senior research engineer with Tenable’s Security Response Team, said in an email to Threatpost. “As an authentication bypass, exploitation of this flaw opens up the possibility that attackers could create very troubling exploit chains.”

Opportunity for Attack Chain

Specifically, CVE-2022-31656 is an authentication bypass vulnerability affecting VMware Workspace ONE Access, Identity Manager and vRealize Automation.

The bug affects local domain users and requires that a remote attacker have network access to a vulnerable user interface, according to a blog post by Tillis published Tuesday. Once an attacker achieves this, he or she can use the flaw to bypass authentication and gain administrative access, she said.

Moreover, the vulnerability is the gateway to exploiting other remote code execution (RCE) flaws addressed by VMware’s release this week, CVE-2022-31658 and CVE-2022-31659, to form an attack chain, Tillis noted.

CVE-2022-31658 is a JDBC injection RCE vulnerability affecting VMware Workspace ONE Access, Identity Manager and vRealize Automation that earned an “important” rating on the CVSS, with a score of 8.0. The flaw allows a malicious actor with administrator and network access to trigger RCE.

CVE-2022-31659 is an SQL injection RCE vulnerability affecting VMware Workspace ONE Access and Identity Manager that also received a score of 8.0, with an attack vector similar to CVE-2022-31658. Viet is credited with finding both of these flaws.

The other six bugs patched in the update include another RCE bug (CVE-2022-31665) rated as important; two privilege escalation vulnerabilities (CVE-2022-31660 and CVE-2022-31661) rated as important; a local privilege escalation vulnerability (CVE-2022-31664) rated as important; a URL injection vulnerability (CVE-2022-31657) rated as moderate; and a path traversal vulnerability (CVE-2022-31662) rated as moderate.

Patch Early, Patch Everything

VMware is no stranger to having to rush out patches for critical bugs found in its products, and has had its share of security woes owing to the ubiquity of its platform across enterprise networks.

In late June, for example, federal agencies warned of attackers pummeling VMware Horizon and Unified Access Gateway (UAG) servers to exploit the now-notorious Log4Shell RCE vulnerability, an easy-to-exploit flaw found in the Apache logging library Log4j late last year and repeatedly targeted on VMware and other platforms since then.

Indeed, sometimes even patching has not been enough for VMware, with attackers targeting known flaws after the company does its due diligence and releases a fix.

This scenario played out in December 2020, when the feds warned that adversaries were actively exploiting a months-old bug in Workspace ONE Access and Identity Manager products three days after the vendor patched the vulnerability.

While all signs point to the urgency of patching the latest threat to VMware’s platform, it is highly likely that even if the advice is heeded, the risk will persist for the foreseeable future, noted one security expert.

While enterprises tend to move quickly at first to patch the most imminent threats to their network, they often miss other places where attackers can exploit a flaw, noted Greg Fitzgerald, co-founder of Sevco Security, in an email to Threatpost. This is what leads to persistent and ongoing attacks, he said.

“The most significant risk for enterprises isn’t the speed at which they are applying critical patches; it comes from not applying the patches on every asset,” Fitzgerald said. “The simple fact is that most organizations fail to maintain an up-to-date and accurate IT asset inventory, and the most fastidious approach to patch management cannot ensure that all enterprise assets are accounted for.”


Some pieces of this article are sourced from:
threatpost.com
