High Threat Security Alert (A22-04-04): Vulnerability in VMware Products


 

Published on: 04 April 2022

  
  

Description:

VMware has published a security advisory to address the vulnerability in VMware products. The list of security updates can be found at:

https://www.vmware.com/security/advisories/VMSA-2022-0010.html

Reports indicate that a remote code execution vulnerability (CVE-2022-22965) in VMware products is being exploited in the wild. System administrators are advised to take immediate actions to patch your affected systems to mitigate the elevated risk of cyber attacks.

 

Affected Systems:

  • VMware Tanzu Application Service for VMs
  • VMware Tanzu Operations Manager
  • VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)

 

Impact:

A successful exploitation of the vulnerability could lead to remote code execution on the affected system.

 

Recommendation:

Patches for affected products are available. System administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://www.vmware.com/security/advisories/VMSA-2022-0010.html
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22965


Tag: VMware , VMware Tanzu
Tags