No known specific target industry.
Severity level: Critical – vulnerabilities have received a Common Vulnerability Scoring System (CVSS) Base score of 9.8/10, and compromise may result in a threat actor gaining administrator-level privileges within sensitive systems.
VMware has released updates to address three critical vulnerabilities in VMware Workspace ONE Assist. The tool is used by administrators for remote access but can be exploited to take control of the application.
The three vulnerabilities affecting VMware Workspace ONE Assist are being tracked as:
– CVE-2022-31685 (Authentication Bypass vulnerability)
– CVE-2022-31686 (Broken Authentication Method vulnerability)
– CVE-2022-31687 (Broken Access Control vulnerability).
A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.
Workspace ONE Assist 21.x
Workspace ONE Assist 22.x
Containment, Mitigations & Remediations
Customers are strongly recommended to update all instances of VMware Workspace ONE Assist to the latest patch level to remove these vulnerabilities.
Indicators of Compromise
VMware Workspace ONE Assist instances prior to version 22.10 are vulnerable.
There is currently no known public proof of concept or exploit available, but due to the attack's low complexity, there is a realistic possibility that malicious actors could develop an exploit capability in the near future.
No specific threat groups identified