The Cybersecurity and Infrastructure Security Agency (CISA) has warned companies that certain VMware products affected by newly disclosed critical flaws. The CISA recommends that these products be patched or removed from the network entirely to mitigate the risks posed by the vulnerabilities. The removal of the products if they cannot be patched is based on past exploitation of critical VMware flaws occurring in the first 48 hours after disclosure, says the CISA. Since the flaws were disclosed on May 18 by VMware, this means that the next two days will likely be leveraged by cyberattackers to hunt down unpatched devices.
The flaws lie in the VMware Workspace ONE Access, VMware Identity Manager, VMware vRealize Automation, VMware Cloud Foundation, and vRealize Suite Lifecycle Manager. The vulnerabilities are an authentication security bypass with a severity score of 9.8 out of 10 and a local privilege escalation flaw with a score of 7.8. VMware warned that an attacker without network access to the management user interface could leverage the vulnerabilities to access it without the need for a password.
Read More: Patch these vulnerable VMware products or remove them from your network, CISA warns federal agencies