VMware has released a temporary fix for a critical zero-day vulnerability affecting several products, including VMware Workspace One. The company has advised all affected users to immediately implement the workaround until it comes up with a long-term solution.
The flaw, tracked as CVE-2020-4006, was reported privately to VMware, but the company has not credited anyone in its advisory. VMware says it is working on patches and has shared some workarounds to help organizations reduce the risk of exploitation.
The vulnerability reportedly affects Workspace ONE Access on Linux, vIDM Connector on Windows and Linux, Identity Manager (vIDM) on Linux, vRealize Suite Lifecycle Manager, and VMware Cloud Foundation.