The Cybersecurity and Infrastructure Security Agency (CISA) has added a Critical VMware Workspace ONE Access and Identity Manager vulnerability to its Known Exploited Vulnerabilities Catalog.
An attacker could exploit this vulnerability to take over impacted systems.
According to VMware, the VMware Workspace ONE Access and Identity Manager vulnerability (CVE-2022-22954) could allow for remote code execution due to server-side template injection.
On April 13, 2022 VMware updated a previously released advisory for CVE-2022-22954 that was patched last week on April 6, 2022:
“VMware has confirmed that exploitation of CVE-2022-22954 has occurred in the wild.”
The latest exploit comes on the heels of CISA adding three other exploited vulnerabilities, to include WatchGuard and Microsoft Active Directory flaws, to the Catalog earlier this week.