Data Protection

CISA Issues VMware Vulnerability Alert and Emergency Directive

Arcserve May 27, 2022 1 min read
Standard Blog Featured Image

Updated May 27, 2022

A new proof-of-concept exploit code has been posted that enables a critical authentication bypass vulnerability in multiple VMware products. The exploit lets hackers gain admin privileges. VMware has released security updates and patch instructions that address the CVE-2022-22972 flaw that affects VMware Workspace ONE Access, VMware Identity Manager (vIDM), or vRealize Automation. VMware also posted temporary workaround instructions for admins unable to immediately patch vulnerable appliances. The workaround requires that all users are disabled except for one provisioned administrator. 

Stay tuned for updates.

________________________

VMware is the virtualization technology leader in terms of market share. That’s why we wanted to share this emergency directive and related advisory as soon as we saw it. The Cybersecurity and Infrastructure Security Agency (CISA) issued the emergency directive and released its advisory in response to the active and expected further exploitation of multiple vulnerabilities found in specific VMware products:

  • VMware Workspace ONE Access (Access)
  • VMware Identity Manager (vIDM)
  • VMware vRealize Automation (vRA)
  • VMware Cloud Foundation
  • vRealize Suite Lifecycle Manager

If you have any of these products deployed within your infrastructure, you need to take action now.

In the alert, CISA says that VMware updates released on April 6 this year—developed to patch previously discovered vulnerabilities—were exploited by malicious actors within 48 hours of the release. The hackers were able to reverse engineer the updates and immediately started to exploit vulnerabilities in unpatched devices.   

VMware has responded with an advisory that describes the vulnerabilities and provides guidance for response and remediation. CISA has posted its emergency directive for mitigation to notify government agencies and organizations that work with those agencies as to the steps they need to take to mitigate the vulnerability.

We’ll share updates as they are made available. If you have questions, please contact us.

Don't forget to share this post!

Arcserve
More by author

Related posts

Please upload the image

MSPs and VARs: How to Transform Your Customers Into Your Best Salespeople

January 24, 2024
Arcserve
Please upload the image

Arcserve Announces Channel Partners of the Year at Americas Partners vConference

May 25, 2022
Arcserve
Please upload the image
Uncategorized

Video: Creating ConnectWise Automate Internal Monitoring

June 20, 2018
Arcserve