Threat Advisory

Multiple VMware vulnerabilities under active exploitation

May 25, 2022 | By Accorian

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Emergency Directive (ED 22-03) in response to the active exploitation of multiple vulnerabilities in VMware products. The directive centres on four distinct vulnerabilities.

In April, VMware released patches for two issues. The first, CVE-2022-22954, is a server-side template injection flaw that allows an attacker with network access to achieve remote code execution; it carries a CVSS base score of 9.8. The second, CVE-2022-22960, is a privilege escalation vulnerability with a CVSS base score of 7.8. According to CISA, threat actors were able to reverse engineer the April updates and develop a working exploit within 48 hours of their release. On Wednesday, May 18, VMware released patches for two further vulnerabilities, CVE-2022-22972 and CVE-2022-22973, an authentication bypass and a local privilege escalation respectively.

CISA assesses that these four vulnerabilities pose an unacceptable risk to federal systems, since unpatched instances can be exploited to compromise them. Federal civilian agencies were given until Monday, May 23 to enumerate every instance of the affected VMware software in their IT environments.

All system administrators are advised to apply the VMware updates to affected systems, or to remove unpatched systems from the network until they can be updated. Because these vulnerabilities have been exploited in the wild, and because patching does not evict an attacker who has already gained access, any instance that was reachable while unpatched should also be checked for signs of compromise rather than simply updated.

Accorian can help identify these vulnerabilities in your environment.
