A zero-day bug, a command injection with escalated privileges, affects six VMware product lines. No vendor patch is available yet.
Privilege Escalation/Command Injection
No vendor patches available as of now
Critical VMware Zero-Day Bug
An attacker with network access to the administrative configurator on port 8443 (the default), who has first compromised the service through brute-force, dictionary, or password-spraying attacks, can execute system-level commands with unrestricted privileges on the underlying operating system.
- VMware Workspace One Access (Access)
- VMware Workspace One Access Connector (Access Connector)
- VMware Identity Manager (vIDM)
- VMware Identity Manager Connector (vIDM Connector)
- VMware Cloud Foundation
- vRealize Suite Lifecycle Manager
- VMware Workspace One Access 20.10 (Linux)
- VMware Workspace One Access 20.01 (Linux)
- VMware Identity Manager 3.3.3 (Linux)
- VMware Identity Manager 3.3.2 (Linux)
- VMware Identity Manager 3.3.1 (Linux)
- VMware Identity Manager Connector 3.3.2, 3.3.1 (Linux)
- VMware Identity Manager Connector 3.3.3, 3.3.2, 3.3.1 (Windows)
- Once the admin configurator is compromised, an attacker can execute OS commands with unrestricted privileges.
- Attackers can then implant a backdoor on the target system for later access.
- The entire network can be compromised via a single compromised system in the network domain.
- Attackers can initiate a full recon and carry out lateral movement across the network.
- Loss of confidentiality, integrity, and availability of data and other concerned services.
- Security incidents tarnish business-client relationships.
- Businesses can fall prey to extortion demands from attacker groups.
The vendor has not published any patches.
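The precondition described above is password guessing against the configurator on port 8443, so failed logins on that port are worth watching. The following detection logic is an added example, not from the original advisory or the vendor; the log format, field names, thresholds and sample lines are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in a hypothetical key=value format (an assumption);
# map the regex below onto whatever your appliance or proxy actually logs.
SAMPLE_LOG = """\
2024-01-01T10:00:01 src=203.0.113.7 dport=8443 user=admin result=FAIL
2024-01-01T10:00:05 src=203.0.113.7 dport=8443 user=admin result=FAIL
2024-01-01T10:00:09 src=203.0.113.7 dport=8443 user=admin result=FAIL
2024-01-01T10:00:13 src=203.0.113.7 dport=8443 user=admin result=FAIL
2024-01-01T10:00:17 src=203.0.113.7 dport=8443 user=admin result=FAIL
2024-01-01T10:02:00 src=198.51.100.20 dport=8443 user=alice result=FAIL
2024-01-01T10:02:10 src=198.51.100.20 dport=8443 user=bob result=FAIL
2024-01-01T10:02:20 src=198.51.100.20 dport=8443 user=carol result=FAIL
2024-01-01T10:05:00 src=192.0.2.50 dport=8443 user=admin result=FAIL
2024-01-01T10:05:30 src=192.0.2.50 dport=8443 user=admin result=OK
"""

LINE_RE = re.compile(
    r"(?P<ts>\S+) src=(?P<src>\S+) dport=(?P<dport>\d+) "
    r"user=(?P<user>\S+) result=(?P<result>FAIL|OK)"
)

def detect_guessing(log_text, port=8443, window=timedelta(minutes=5),
                    brute_failures=5, spray_users=3):
    """Return {source_ip: reason} for sources guessing passwords on `port`."""
    failures = defaultdict(list)  # source_ip -> [(timestamp, user), ...]
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or int(m["dport"]) != port or m["result"] != "FAIL":
            continue  # unparsable line, other port, or successful login
        failures[m["src"]].append((datetime.fromisoformat(m["ts"]), m["user"]))
    alerts = {}
    for src, events in failures.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # slide the window forward in time
            in_window = events[start:end + 1]
            if len({user for _, user in in_window}) >= spray_users:
                alerts[src] = "password-spraying"  # many accounts, one source
                break
            if len(in_window) >= brute_failures:
                alerts[src] = "brute-force"  # many failures, few accounts
                break
    return alerts
```

Tune the window and thresholds to the normal login volume of the administrators who use the configurator.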