| Advisory | Vulnerability Intelligence |
| --- | --- |
| Vendor | VMware |
| CVSS | 9.1/10 |
| CVE | 2020-4006 |
| Target | Linux/Windows system |
| Outcome | Privilege Escalation/Command Injection |
| Patch Availability | No vendor patches available as of now |
Critical VMware Zero-Day Bug
An attacker with network access to the administrative configurator on port 8443, after an initial compromise of that service via brute-forcing, dictionary attacks or password spraying, can execute system-level commands with unrestricted privileges on the underlying operating system.

Affected Products
- VMware Workspace One Access (Access)
- VMware Workspace One Access Connector (Access Connector)
- VMware Identity Manager (vIDM)
- VMware Identity Manager Connector (vIDM Connector)
- VMware Cloud Foundation
- vRealize Suite Lifecycle Manager
Affected Versions
- VMware Workspace One Access 20.10 (Linux)
- VMware Workspace One Access 20.01 (Linux)
- VMware Identity Manager 3.3.3 (Linux)
- VMware Identity Manager 3.3.2 (Linux)
- VMware Identity Manager 3.3.1 (Linux)
- VMware Identity Manager Connector 3.3.2, 3.3.1 (Linux)
- VMware Identity Manager Connector 3.3.3, 3.3.2, 3.3.1 (Windows)
Impact
Technical Impact
- Once the admin configurator is compromised, an attacker can execute OS commands with unrestricted privilege.
- Attackers can then implant a backdoor on the target system for later access.
- A single compromised system can serve as the foothold from which the entire network domain is compromised.
- Attackers can perform full reconnaissance and carry out lateral movement across the network.
Business Impact
- Loss of confidentiality, integrity, and availability of data and of the affected services.
- Security incidents tarnish business-client relationships.
- Businesses can fall prey to money extortion demands from attacker groups.