Cybercriminals Exploiting Unpatched VMware Vulnerabilities: Cert-In

The Indian Computer Emergency Response Team (Cert-In) has reported that cyber threat actors are taking advantage of certain unpatched VMware vulnerabilities. These vulnerabilities have been noticed across VMware products, including VMware Workspace ONE access, VMware Identity Manager, VMware vRealize Automation and more.

In a report on its website, Cert-In said that two types of vulnerabilities have been identified in VMware’s systems. Remote code execution vulnerability was noticed in VMware Workspace ONE access and Identity Manager, through which a threat actor can execute an arbitrary code on the target system.

Also, privilege access vulnerability was identified VMware Workspace ONE access, Identity Manager, and VMware vRealize Automation due to improper permissions in support scripts. Attackers can use this vulnerability by sending specially-crafted request that could allow them to gain elevated privileges on the target system.

VMware has addressed the vulnerability through its latest updates through fresh patches.