CVE-2022-22960
CVE-2022-22960
In short
VMware Workspace ONE Access, Identity Manager, and vRealize Automation have a flaw in their support scripts that allows someone with local access to gain root-level control of the system. This is dangerous because an attacker can then take full control of the server.
Technical detail
Improper file permissions on support scripts (CWE-732) allow local privilege escalation to root. An authenticated local user can exploit inadequate access controls to execute privileged operations, resulting in complete system compromise.
Summary generated and translated by AI from the official description.
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
public PoCs found — 3
cve_referencepacketstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.htmlunverifiedcve_referencepacketstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.htmlunverifiedcve_referencepacketstormsecurity.com/files/171935/VMware-Workspace-ONE-Access-Privilege-Escalation.htmlunverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/171935/VMware-Workspace-ONE-Access-Privilege-Escalation.htmlhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22960https://www.vmware.com/security/advisories/VMSA-2022-0011.html