VMware Confirms the Existence of Workspace One Exploits

7
VMware Confirms the Existence of Workspace One Exploits

VMware is warning that less than a week after patching critical security flaws affecting multiple enterprise-facing products, one of the flaws has been exploited in the wild. VMware announced in a security bulletin issued on April 4: “VMware has confirmed that CVE-2022-22954 has been exploited in the wild.”

The update emphasizes the importance of organizations applying patches and mitigations in order to stay one step ahead of attackers. VMware products have become a popular target for nation-state advanced persistent threat (APT) actors and ransomware criminals.

The VMware vulnerability, described as a server-side template injection remote code execution flaw, was discovered by a researcher affiliated with the Chinese firm Qihoo 360.

Read More: https://www.securityweek.com/vmware-confirms-workspace-one-exploits-wild