VMware Patches SQL Injection Flaw and Flaws That Allow Remote Attackers to Execute Code


Proof-of-concept exploit code is publicly available for a critical authentication bypass vulnerability in multiple VMware products that allows attackers to gain administrative privileges.

VMware has previously released updates for the vulnerability (CVE-2022-31656, CVSS: N/A), which affects VMware Workspace ONE Access, Identity Manager and vRealize Automation.

A high-severity SQL injection flaw (CVE-2022-31659, CVSS: N/A) and other flaws that allowed remote attackers to execute code were patched the same day.

“Confirmed malicious code that can exploit CVE-2022-31656 and CVE-2022-31659 in impacted products is publicly available,” VMware states in its updated advisory.

VNG Security researcher Petrus Viet, who discovered and reported the flaw, has released a proof-of-concept (PoC) exploit and a detailed technical analysis of the bug.

He said last week that a CVE-2022-22972 (CVSS: 9.8 Critical) PoC would be made available this week.

In a post on the VMware Security Blog, Bob Plankers wrote: “It is extremely important that you quickly take steps to patch or mitigate these issues in on-premises deployments.”

“If your organization uses ITIL methodologies for change management, this would be considered an ‘emergency’ change.”

In another published document, VMware says it was not aware of these vulnerabilities being exploited.

The company has posted download links for patches and detailed installation instructions on its website.

VMware also shared a temporary workaround for vulnerable devices that remain unpatched: disable all users except the authorized administrator.

All unpatched devices should be immediately updated or taken offline to avoid compromise, as threat actors will likely develop their own exploits for use in attacks. Failure to do so can lead to network breaches and serious attacks such as ransomware distribution and data theft.

References:

https://blogs.vmware.com/security/2022/08/vmsa-2022-0021-what-you-need-to-know.html

https://kb.vmware.com/s/article/89096

https://core.vmware.com/vmsa-2022-0021-questions-answers-faq#sec21458-sub3

https://mobile.twitter.com/VietPetrus/status/1556999921320235009
