VMware Command Injection Vulnerability (CVE-2020-4006): VMware products (Workspace One Access, Access Connector, Identity Manager, Identity Manager Connector, and Cloud Foundation) contain a Command Injection vulnerability in the administrative configurator.
NSA disclosed a critical vulnerability on a number of VMware products that has been exploited in the wild by Russian hackers and published a security advisory about the vulnerability on December 7, 2020.
The affected VMware products are as follows:
- VMware Workspace Workspace One Access
- VMware Workspace One Access Connector
- VMware Identity Manager
- VMware Identity Manager Connector
- VMware Cloud Foundation
- vRealize Suite Lifecycle Manager
The vulnerability allows an attacker with admin credentials and network access to the administrative configurator on port 8843 to execute commands with unrestricted privileges on the underlying operating system.
Note that, there are two prerequisites to exploit this vulnerability:
- A network access over port 8443, so that an attacker can connect to the administrative configurator.
- Admin credentials to log in to the administrative configurator.
An authenticated (admin) remote attacker can conduct command injection attacks, allowing the threat actor to execute unrestricted commands on the underlying operating system.
Category: Command Injection
CVSS 3.1 Base Score: 7.2 High
CVSS 3.1 Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
To defend against possible attacks due to the VMware Command Injection Vulnerability (CVE-2020-4006), vulnerable VMware products need to be updated/patched or the workarounds should be applied in line with the VMware Security Advisory.
You are absolutely deluded, if not stupid, if you think that a worldwide collection of software engineers who can’t write operating systems or applications without security holes, can then turn around and suddenly write virtualization layers without security holes.Theo De Raadt
Read more educational and inspirational cyber quotes at our page 100+ Best Cyber Security & Hacker Quotes.
References to Advisories, Solutions and Tools
To learn more about security vulnerabilities, you could also read our articles What is a Security Vulnerability? or What is Vulnerability Scanning?