PDS Cyber Security Advisory:
Advisory Regarding Vulnerabilities in VMware Workspace One
Advisory Type: IT Security
Severity: Important (High)
Summary: PDS is providing the following communication to build awareness of a high priority vulnerability and patches in VMware Workspace One products.
On December 3, 2020 VMware posted advisory VMSA-2020-0027.2: VMware Workspace One Access disclosing that vulnerabilities exist in the following products:
- VMware Workspace One
- VMware Workspace One Access Connector
- VMware Identity Manager (vIDM)
- VMware Identity Manager Connector (vIDM Connector)
- VMware Cloud Foundation
- vRealize Suite Lifecycle Manager
These products contain a Command Injection Vulnerability in the administrative configurator.
Malicious actors with authenticated access to the administrative configurator admin account can execute commands with unrestricted privileges on the underlying operating system. Information on how malicious actors can obtain the admin account password are documented in article T1586 of the MITRE ATT&CK database.
VMware has published patch information in knowledgebase article KB81754. Workaround instructions are also available in KB8173 for circumstances where patching may be delayed.
We strongly advise customers to review the VMware advisory and patching information. PDS Architects are available to assist with the mitigation, your Account Director can assist in arranging support for this issue.
