Researcher Petrus Viet of VNG Security has discovered a flaw (CVE-2022-31656) in multiple VMware products that allows a threat actor to achieve Remote Code Execution (RCE) and escalate privileges to ‘root’ on unpatched servers. VMware rated the severity of the bug as critical, giving it a CVSSv3 score of 9.8/10, and urged organizations to take immediate action.

The following VMware products are affected:
- VMware Workspace ONE Access (Access)
- VMware Workspace ONE Access Connector (Access Connector)
- VMware Identity Manager (vIDM)
- VMware Identity Manager Connector (vIDM Connector)
- VMware vRealize Automation (vRA)
- VMware Cloud Foundation
- vRealize Suite Lifecycle Manager

VMware has stated that there is no evidence of this vulnerability being abused in the wild.