VMware Releases Critical Patches for New Vulnerabilities Affecting Multiple Products
Description:
VMware has released security updates to patch eight vulnerabilities affecting VMware Workspace ONE Access, VMware Identity Manager, VMware vRealize Automation, VMware Cloud Foundation, and vRealize Suite Lifecycle Manager. The flaws are tracked as CVE-2022-22954 through CVE-2022-22961 (CVSS scores: 5.3 - 9.8). If exploited, they could allow a malicious actor to escalate privileges to root user, gain access to the hostnames of the target systems, and remotely execute arbitrary code, effectively allowing the full takeover.
CVE_IDs:
- CVE-2022-22954
- CVE-2022-22955
- CVE-2022-22956
- CVE-2022-22957
- CVE-2022-22958
- CVE-2022-22959
- CVE-2022-22960
- CVE-2022-22961
Source:
https://www.vmware.com/security/advisories/VMSA-2022-0011.html
Impact:
Successful exploitation of the flaws could allow a malicious actor to escalate privileges to root user, gain access to the hostnames of the target systems, and remotely execute arbitrary code, effectively allowing the full takeover.
Suggestions and Recommendations:
VMware has released patches for the vulnerabilities. Users of the vulnerable products are recommended to apply them as soon as possible.
Zyxel patches critical bug affecting firewall and VPN devices
Description:
Zyxel has released patches for products affected by an authentication bypass vulnerability. Tracked as CVE-2022-0342, the flaw is caused by the lack of a proper access control mechanism in the CGI program of some firewall versions. It could allow an attacker to bypass authentication and obtain administrative access to the device.
CVE_IDs:
- CVE-2022-0342
Source:
Impact:
Successful exploitation of the flaw could allow an attacker to bypass authentication and obtain administrative access to the device.
Suggestions and Recommendations:
The bug has been addressed, and users are recommended to apply the fixes.
Palo Alto Networks firewalls, VPNs vulnerable to OpenSSL bug
Description:
Palo Alto Networks warned customers that some of its firewall, VPN, and XDR products are vulnerable to a high severity OpenSSL infinite loop bug disclosed three weeks ago. Threat actors can exploit this security vulnerability to trigger a denial-of-service state and remotely crash devices running unpatched software.
PAN-OS, GlobalProtect app, and Cortex XDR agent software contain a vulnerable version of the OpenSSL library, and product availability is impacted by this vulnerability.
CVE_IDs:
Source:
Palo Alto Networks firewalls, VPNs vulnerable to OpenSSL bug (bleepingcomputer.com)
Impact:
Successful exploitation of the flaw causes a denial-of-service state and remotely crashes devices running unpatched software.
Suggestions and Recommendations:
While hotfixes are still in development, customers with Threat Prevention subscriptions can enable Threat IDs 92409 and 92411 to block known attacks for this vulnerability