VMWare Workspace One has "critical" security vulnerability
A short-term workaround is the best VMWare can offer for now
VMWare has released a temporary fix for a critical zero-day vulnerability affecting several of its products, including VMWare Workspace One. The bug allows threat actors to take control of Linux and Windows operating systems by escalating their privileges remotely.
The command injection vulnerability, tracked as CVE-2020-4006, has been found in the administrative configuration of some versions of VMWare Workspace One, as well as in VMWare’s Access Connector, Identity Manager, and Identity Manager Connector. The vulnerability has been given a 9.1 CVSSv3 severity rating out of 10.
“A malicious actor with network access to the administrative configurator on port 8443 and a valid password for the configurator admin account can execute commands with unrestricted privileges on the underlying operating system,” the VMWare security advisory explains.
- The best endpoint protection software
- We've highlighted the best antivirus software
- Also, check out our roundup of the best malware removal tools
A short-term fix
Although VMWare is still working on a security update to patch the vulnerability, temporary workarounds have been made available that will remove the attack vector used to exploit CVE-2020-4006. The workarounds involve following a series of detailed steps, but only work for some of the attack vectors – so some VMWare products will remain vulnerable. The workaround also causes some functionality limitations.
“Impacts are limited to functionality performed by this service,” the workaround reads. “Configurator-managed setting changes will not be possible while the workaround is in place. If changes are required please revert the workaround... make the required changes and disable again until patches are available. In addition, most of the system diagnostics dashboard will not be displayed.”
Given the severity of the vulnerability and the limited impact of the workaround, it is advised that all users of affected VMWare products implement the workaround immediately. That will give VMWare more time to come up with a long-term solution.
- Also, see our list of the best ransomware removal solutions
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services. After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.