Critical VMware Zero-Day Affects 6 Product Lines; No patch available

There is a Critical VMWare zero-day command injection with escalated privileges, affecting six product lines, there is no vendor patch yet.
Updated on
April 19, 2023
Published on
November 26, 2020
Subscribe to the latest industry news, threats and resources.
Advisory Vulnerability Intelligence
Vendor VMware
CVSS  9.1/10  [Critical]
CVE 2020-4006
Target Linux/Windows system
Outcome Privilege Escalation/Command Injection
Patch Availability No vendor patches available as of now
  There is a zero-day bug, command injection with escalated privileges, affecting six product lines from VMware, there is no vendor patch available yet. [/vc_wp_text][vc_column_text]

Critical VMware Zero-Day Bug

An attacker with network access to administrative configurator on port 8443 [default], as an outcome of initial compromise of the service via brute-forcing/Dictionary/Password spraying, can execute system level commands with unrestricted privileges on the underlying operating system.  

Affected Products

  • VMware Workspace One Access (Access)
  • VMware Workspace One Access Connector (Access Connector)
  • VMware Identity Manager (vIDM)
  • VMware Identity Manager Connector (vIDM Connector)
  • VMware Cloud Foundation
  • vRealize Suite Lifecycle Manager

Affected versions

  • VMware Workspace One Access    20.10 (Linux)
  • VMware Workspace One Access    20.01 (Linux)
  • VMware Identity Manager   3.3.3 (Linux)
  • VMware Identity Manager    3.3.2 (Linux)
  • VMware Identity Manager    3.3.1 (Linux)
  • VMware Identity Manager Connector 3.3.2, 3.3.1 (Linux)
  • VMware Identity Manager Connector 3.3.3, 3.3.2, 3.3.1 (Windows)


Technical Impact

  • Once the admin configurator is compromised, an attacker can execute OS commands with unrestricted privilege.
  • Attackers can then implant a backdoor on the target system for later access.
  • The entire network can be compromised via a single compromised system in the network domain.
  • Attackers can initiate a full recon and carry out lateral movement across the network.

Business Impact

  • Loss of confidentiality, integrity, and availability of data and other concerned services.
  • Security incidents tarnish business-client relationships. 
  • Businesses can fall prey to money extortion demands from attacker groups.


The vendor has not published any patches.  


Get Global Threat Intelligence on Real Time

Protect your business from cyber threats with real-time global threat intelligence data.. 30-day free and No Commitment Trial.
Schedule a Demo
Real time Threat Intelligence Data
More information and context about Underground Chatter
On-Demand Research Services
Dashboard mockup
Global Threat Intelligence Feed

Protect and proceed with Actionable Intelligence

The Global Cyber Threat Intelligence Feed is an innovative platform that gathers information from various sources to help businesses and organizations stay ahead of potential cyber-attacks. This feed provides real-time updates on cyber threats, including malware, phishing scams, and other forms of cybercrime.
Trusted by 400+ Top organisations