Critical VMware Zero-Day Affects 6 Product Lines; No patch available
Published on November 25, 2020 | 11:39 PM IST
Share this Advisory:
Critical VMware Zero-Day Bug
An attacker with network access to administrative configurator on port 8443 [default], as an outcome of initial compromise of the service via brute-forcing/Dictionary/Password spraying, can execute system level commands with unrestricted privileges on the underlying operating system.
Affected Products
- VMware Workspace One Access (Access)
- VMware Workspace One Access Connector (Access Connector)
- VMware Identity Manager (vIDM)
- VMware Identity Manager Connector (vIDM Connector)
- VMware Cloud Foundation
- vRealize Suite Lifecycle Manager
Affected versions
- VMware Workspace One Access 20.10 (Linux)
- VMware Workspace One Access 20.01 (Linux)
- VMware Identity Manager 3.3.3 (Linux)
- VMware Identity Manager 3.3.2 (Linux)
- VMware Identity Manager 3.3.1 (Linux)
- VMware Identity Manager Connector 3.3.2, 3.3.1 (Linux)
- VMware Identity Manager Connector 3.3.3, 3.3.2, 3.3.1 (Windows)
Impact
Technical Impact
- Once the admin configurator is compromised, an attacker can execute OS commands with unrestricted privilege.
- Attackers can then implant a backdoor on the target system for later access.
- The entire network can be compromised via a single compromised system in the network domain.
- Attackers can initiate a full recon and carry out lateral movement across the network.
Business Impact
- Loss of confidentiality, integrity, and availability of data and other concerned services.
- Security incidents tarnish business-client relationships.
- Businesses can fall prey to money extortion demands from attacker groups.
Mitigation
The vendor has not published any patches.
Workaround
Be informed in your Inbox
Sign up now to our Threat intelligence Newsletter and be the first to know about threats first in your inbox.
Join the Discussions
Discuss your way into our Community about these threats and stay Vigilant and informed.