image credit: Adobe Stock

CISA: Hackers Will Quickly Start Exploiting Newly Patched VMware Vulnerabilities

May 19, 2022

The actively exploited vulnerabilities are tracked as CVE-2022-22954 and CVE-2022-22960, and they allow remote code execution and privilege escalation, respectively. They affect VMware Workspace ONE Access, Identity Manager, and vRealize Automation, and they were patched in early April.

Both vulnerabilities were reported to VMware by Steven Seeley of the Qihoo 360 Vulnerability Research Institute.

Initial reports only named CVE-2022-22954 as being exploited in the wild, but several cybersecurity firms later observed attacks chaining the vulnerability with CVE-2022-22960 for privilege escalation.

Read More on Security Week