VMware fixes three critical auth bypass bugs in remote access tool – BleepingComputer


VMware has released security updates to address three critical severity vulnerabilities in the Workspace ONE Assist solution that enable remote attackers to bypass authentication and elevate privileges to admin.

Workspace ONE Assist provides remote control, screen sharing, file system management, and remote command execution to help desk and IT staff remotely access and troubleshoot devices in real time from the Workspace ONE console.

The flaws are tracked as CVE-2022-31685 (authentication bypass), CVE-2022-31686 (broken authentication method), and CVE-2022-31687 (broken authentication control) and have received 9.8/10 CVSSv3 base scores.

Unauthenticated threat actors can exploit them in low-complexity attacks that require no user interaction to escalate privileges.

“A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application,” VMware describes the three security bugs.

Fixed in Workspace ONE Assist 22.10

The company patched them today with the release of Workspace ONE Assist 22.10 (89993) for Windows customers.
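A defender's first job after an advisory like this is to find every install still below the fixed build. The script below is an added example, not VMware's or BleepingComputer's code: the only fact it takes from the article is the fixed release, Workspace ONE Assist 22.10 (89993); the inventory, its hostnames and the "MAJOR.MINOR (BUILD)" version-string layout are constructed assumptions for the illustration.

```python
"""Triage a Workspace ONE Assist inventory against the fixed release.

Added example, not VMware's or BleepingComputer's code. The fixed release
(22.10, build 89993) comes from the advisory summary; the inventory and the
"MAJOR.MINOR (BUILD)" version-string layout are constructed assumptions.
"""
import re
from typing import NamedTuple, Optional

# Fixed release from the advisory summary: version 22.10, build 89993.
FIXED_MAJOR_MINOR = (22, 10)
FIXED_BUILD = 89993

# Assumed layout: "22.10 (89993)"; the build in parentheses is optional.
VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\s*\((\d+)\))?\s*$")


class Version(NamedTuple):
    major: int
    minor: int
    build: Optional[int]


def parse_version(text: str) -> Optional[Version]:
    """Return a Version, or None when the string does not match the layout."""
    m = VERSION_RE.match(text)
    if m is None:
        return None
    major, minor, build = m.groups()
    return Version(int(major), int(minor), int(build) if build else None)


def patch_status(text: str) -> str:
    """Classify one version string as 'patched', 'vulnerable' or 'unknown'.

    Conservative policy: anything older than the fixed release is treated
    as vulnerable, and a 22.10 entry without a build number cannot be
    confirmed either way, so it is reported as unknown for manual review.
    """
    v = parse_version(text)
    if v is None:
        return "unknown"
    if (v.major, v.minor) > FIXED_MAJOR_MINOR:
        return "patched"
    if (v.major, v.minor) < FIXED_MAJOR_MINOR:
        return "vulnerable"
    if v.build is None:
        return "unknown"
    return "patched" if v.build >= FIXED_BUILD else "vulnerable"


def triage(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Group hostnames by patch status so the vulnerable list can be acted on."""
    groups: dict[str, list[str]] = {"patched": [], "vulnerable": [], "unknown": []}
    for host, version in sorted(inventory.items()):
        groups[patch_status(version)].append(host)
    return groups


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = {
    "assist-01": "22.10 (89993)",  # exactly the fixed build
    "assist-02": "22.10 (89950)",  # same line, earlier build
    "assist-03": "21.09 (85000)",  # older release
    "assist-04": "22.10",          # build number missing
    "assist-05": "22.11 (90100)",  # newer line
    "assist-06": "n/a",            # unparsable entry
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:10s} {', '.join(hosts) or '-'}")
```

The status function deliberately refuses to guess: an entry on the 22.10 line with no build number goes to the "unknown" bucket rather than being counted as patched, because the fix is tied to a specific build.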

VMware also patched a reflected cross-site scripting (XSS) vulnerability (CVE-2022-31688) that enables attackers to inject JavaScript code into the target user's window, and a session fixation vulnerability (CVE-2022-31689) that allows authentication after obtaining a valid session token.

All vulnerabilities patched today have been found and reported to VMware by Jasper Westerman, Jan van der Put, Yanick de Pater, and Harm Blankers of REQON IT-Security.

In August, VMware warned admins to patch another critical authentication bypass security flaw in VMware Workspace ONE Access, Identity Manager, and vRealize Automation, enabling unauthenticated attackers to gain admin privileges.

One week later, the company revealed that proof-of-concept (PoC) exploit code was released online after the researcher who discovered and reported the vulnerability shared a PoC exploit.

In May, VMware patched an almost identical critical vulnerability, another authentication bypass (CVE-2022-22972) found by Bruno López of Innotec Security in Workspace ONE Access, VMware Identity Manager (vIDM), and vRealize Automation.

Source: https://news.google.com/__i/rss/rd/articles/CBMicmh0dHBzOi8vd3d3LmJsZWVwaW5nY29tcHV0ZXIuY29tL25ld3Mvc2VjdXJpdHkvdm13YXJlLWZpeGVzLXRocmVlLWNyaXRpY2FsLWF1dGgtYnlwYXNzLWJ1Z3MtaW4tcmVtb3RlLWFjY2Vzcy10b29sL9IBdmh0dHBzOi8vd3d3LmJsZWVwaW5nY29tcHV0ZXIuY29tL25ld3Mvc2VjdXJpdHkvdm13YXJlLWZpeGVzLXRocmVlLWNyaXRpY2FsLWF1dGgtYnlwYXNzLWJ1Z3MtaW4tcmVtb3RlLWFjY2Vzcy10b29sL2FtcC8?oc=5
