Critical VMware Zero-Day Affects 6 Product Lines; No patch available

Advisory: Vulnerability Intelligence
Vendor: VMware
CVSS: 9.1/10 [Critical]
CVE: CVE-2020-4006
Target: Linux/Windows system
Outcome: Privilege Escalation/Command Injection
Patch Availability: No vendor patches available as of now

A zero-day command injection bug that runs with escalated privileges affects six product lines from VMware, and no vendor patch is available yet.

Critical VMware Zero-Day Bug

An attacker with network access to the administrative configurator on port 8443 (the default), who has first compromised the service through brute-force, dictionary, or password-spraying attacks, can execute system-level commands with unrestricted privileges on the underlying operating system.
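Because exploitation depends on first guessing configurator credentials, failed-login patterns against port 8443 are the earliest detection point. The following is an added example, not part of the original advisory or any VMware tooling: it classifies source addresses as brute-force or password-spray and flags a login that succeeds after either pattern. The key=value log layout, the 401/200 status values, and the thresholds are assumptions; adapt them to what your proxy or firewall in front of the configurator emits.

```python
import re
from collections import defaultdict

# Constructed sample lines (not real VMware logs). The key=value layout is an
# assumed format for a proxy or firewall in front of the configurator.
SAMPLE_LOG = """\
2020-11-24T10:00:01Z src=203.0.113.7 dport=8443 user=admin status=401
2020-11-24T10:00:02Z src=203.0.113.7 dport=8443 user=admin status=401
2020-11-24T10:00:03Z src=203.0.113.7 dport=8443 user=admin status=401
2020-11-24T10:00:04Z src=203.0.113.7 dport=8443 user=admin status=401
2020-11-24T10:00:05Z src=203.0.113.7 dport=8443 user=admin status=401
2020-11-24T10:00:06Z src=203.0.113.7 dport=8443 user=admin status=200
2020-11-24T10:05:00Z src=198.51.100.9 dport=8443 user=alice status=401
2020-11-24T10:05:01Z src=198.51.100.9 dport=8443 user=bob status=401
2020-11-24T10:05:02Z src=198.51.100.9 dport=8443 user=carol status=401
2020-11-24T10:05:03Z src=198.51.100.9 dport=8443 user=dave status=401
2020-11-24T10:09:00Z src=192.0.2.20 dport=8443 user=admin status=401
2020-11-24T10:09:30Z src=192.0.2.20 dport=8443 user=admin status=200
2020-11-24T10:10:00Z src=192.0.2.44 dport=443 user=admin status=401
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dport=(?P<dport>\d+) "
    r"user=(?P<user>\S+) status=(?P<status>\d{3})$")

def classify_sources(log_text, port=8443, min_failures=5, spray_users=4):
    """Map each suspicious source IP to a sorted list of findings.

    Counts cover the whole text passed in, so feed it one time window at a time.
    """
    fails = defaultdict(lambda: defaultdict(int))  # src -> user -> failed logins
    findings = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or int(m["dport"]) != port:
            continue  # unparsable line or a different listener
        src, user, status = m["src"], m["user"], int(m["status"])
        if status == 401:
            fails[src][user] += 1
            if fails[src][user] >= min_failures:   # many guesses at one account
                findings[src].add("brute-force")
            if len(fails[src]) >= spray_users:     # few guesses at many accounts
                findings[src].add("password-spray")
        elif status == 200 and src in findings and fails[src].get(user, 0) > 0:
            # Login succeeded for an account this flagged source was guessing:
            # treat as the initial compromise that precedes command execution.
            findings[src].add("success-after-failures:" + user)
    return {src: sorted(found) for src, found in findings.items()}
```

A single mistyped password followed by a successful login, as from 192.0.2.20 in the sample, is not flagged; only sources that already crossed a threshold are.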

Affected Products

  • VMware Workspace One Access (Access)
  • VMware Workspace One Access Connector (Access Connector)
  • VMware Identity Manager (vIDM)
  • VMware Identity Manager Connector (vIDM Connector)
  • VMware Cloud Foundation
  • vRealize Suite Lifecycle Manager

Affected versions

  • VMware Workspace One Access 20.10 (Linux)
  • VMware Workspace One Access 20.01 (Linux)
  • VMware Identity Manager 3.3.3 (Linux)
  • VMware Identity Manager 3.3.2 (Linux)
  • VMware Identity Manager 3.3.1 (Linux)
  • VMware Identity Manager Connector 3.3.2, 3.3.1 (Linux)
  • VMware Identity Manager Connector 3.3.3, 3.3.2, 3.3.1 (Windows)

Impact

Technical Impact

  • Once the admin configurator is compromised, an attacker can execute OS commands with unrestricted privilege.
  • Attackers can then implant a backdoor on the target system for later access.
  • The entire network can be compromised via a single compromised system in the network domain.
  • Attackers can initiate a full recon and carry out lateral movement across the network.

Business Impact

  • Loss of confidentiality, integrity, and availability of data and other concerned services.
  • Security incidents tarnish business-client relationships.
  • Businesses can fall prey to extortion demands from attacker groups.

Mitigation

The vendor has not published any patches.

Workaround
