{"id":41585,"date":"2020-11-24T10:55:58","date_gmt":"2020-11-24T10:55:58","guid":{"rendered":"http:\/\/icloud.pe\/blog\/?guid=60b92df9387e89e7ce14170beb3d7d34"},"modified":"2020-11-24T10:55:58","modified_gmt":"2020-11-24T10:55:58","slug":"vmware-sounds-alarm-over-zero-day-flaws-in-multiple-products","status":"publish","type":"post","link":"https:\/\/icloud.pe\/blog\/vmware-sounds-alarm-over-zero-day-flaws-in-multiple-products\/","title":{"rendered":"VMware sounds alarm over zero-day flaws in multiple products"},"content":{"rendered":"<p><span class=\"field field-name-field-author field-type-node-reference field-label-hidden\"><br \/>\n      <span class=\"field-item even\"><a href=\"https:\/\/www.cloudpro.co.uk\/authors\/keumars-afifi-sabet-0\">Keumars Afifi-Sabet<\/a><\/span><br \/>\n  <\/span><\/p>\n<div class=\"field field-name-field-published-date field-type-datetime field-label-hidden\">\n<div class=\"field-items\">\n<div class=\"field-item even\"><span class=\"date-display-single\">24 Nov, 2020<\/span><\/div>\n<\/p><\/div>\n<\/div>\n<p class=\"short-teaser\">\n<a href=\"https:\/\/www.cloudpro.co.uk\/\" title=\"\" class=\"combined-link\"><\/a><\/p>\n<div class=\"field field-name-body\">\n<p>VMware has warned its customers about a critical vulnerability present across several of its products, including Workspace One Access and Identity Manager, that could allow\u00a0<a href=\"https:\/\/www.itpro.co.uk\/hacking\" >cyber criminals<\/a>\u00a0to take control of vulnerable machines.<\/p>\n<p>The command injection flaw, tracked as\u00a0<a href=\"https:\/\/www.vmware.com\/security\/advisories\/VMSA-2020-0027.html\" >CVE-2020-4006<\/a>\u00a0and rated 9.1 on the CVSS threat severity scale, can be exploited in a host of VMware products, the company has warned. There\u2019s currently no patch available, although the firm has issued a workaround that can be applied in some instances. There\u2019s also no mention as to whether the flaw is being actively exploited in the wild or not.<\/p>\n<p><!--wysiwyg_see-related_plugin--><\/p>\n<p>\nHackers armed with network access to the administrative configurator on port 8443 and a valid\u00a0<a href=\"https:\/\/www.itpro.co.uk\/security\/34616\/the-top-password-cracking-techniques-used-by-hackers\" >password<\/a>\u00a0to the admin account can exploit the flaw to execute commands with unrestricted privileges on the\u00a0<a href=\"https:\/\/www.itpro.co.uk\/operating-systems\/24841\/windows-vs-linux-whats-the-best-operating-system\" >underlying operating system (OS)<\/a>.\u00a0<\/p>\n<p>The affected services include VMware Workspace One Access, Workspace One Access Connector, Identity Manager, Identity Manager Connector, Cloud Foundation and vRealize Suite Lifecycle Manager.\u00a0<\/p>\n<p>The vulnerability can be exploited in some products hosted on\u00a0<a href=\"https:\/\/www.itpro.co.uk\/linux\" >Linux<\/a>\u00a0but not on Windows, and either operating system for other products. The full details on which software and OS configurations are affected are outlined on\u00a0<a href=\"https:\/\/www.vmware.com\/security\/advisories\/VMSA-2020-0027.html\" >VMware\u2019s security advisory<\/a>.<\/p>\n<p>Until a\u00a0<a href=\"https:\/\/www.itpro.co.uk\/security\/27713\/the-importance-and-benefits-of-effective-patch-management\" >patch is\u00a0released<\/a>, VMware has outlined a workaround that can be applied to some product lines but not all. Customers using Workspace One Access, VMware Identity Manager, and VMware Identity Manager Connector can follow the detailed steps\u00a0<a href=\"https:\/\/kb.vmware.com\/s\/article\/81731\" >outlined here<\/a>, relevant to the configurator hosted on port 8443. This involves running a set of commands for all affected products.\u00a0\u00a0<\/p>\n<p>The workaround isn&#8217;t compatible\u00a0with other products beyond those\u00a0three that may be affected, and customers will have to keep their eyes peeled for any news of a patch as and when one is released.\u00a0<\/p>\n<p>News of this command injection vulnerability has arrived only days after VMware\u00a0<a href=\"https:\/\/www.vmware.com\/security\/advisories\/VMSA-2020-0026.html\" >confirmed two critical flaws<\/a>\u00a0in its ESXi, Workstation, Fusion and Cloud Foundation products. <\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>      Keumars Afifi-Sabet<\/p>\n<p>        24 Nov, 2020    <\/p>\n<p>      VMware has warned its customers about a critical vulnerability present across several of its products, including Workspace One Access and Identity Manager, that could allow\u00a0cyber criminal&#8230;<\/p>\n","protected":false},"author":433,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-41585","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/41585","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/users\/433"}],"replies":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/comments?post=41585"}],"version-history":[{"count":1,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/41585\/revisions"}],"predecessor-version":[{"id":41586,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/41585\/revisions\/41586"}],"wp:attachment":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/media?parent=41585"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/categories?post=41585"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/tags?post=41585"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}