VMware warns of public PoC code for critical auth bypass bug CVE-2022-31656

VMware warns of the availability of a proof-of-concept exploit code for a critical authentication bypass flaw in multiple products.

VMware warns its customers of the availability of a proof-of-concept exploit code for a critical authentication bypass flaw, tracked as CVE-2022-31656, in multiple products. The flaw was discovered by security researcher Petrus Viet from VNG Security, who today released the proof-of-concept (PoC) exploit code for the flaws and provided technical details about the flaw.

Last week, the virtualization giant addressed the CVE-2022-31656 flaw, which impacts local domain users in multiple products. An unauthenticated attacker can exploit the vulnerability to gain admin privileges.

“A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.” reads the advisory published by the virtualization giant.

The flaw affects Workspace ONE Access, Identity Manager, and vRealize Automation products.

The vulnerability has been rated as critical and received a CVSS v3 base score of 9.8.

Today, VMware reported the availability of PoC exploits for CVE-2022-31656 and CVE-2022-31659.

“Updated advisory with information that VMware has confirmed malicious code that can exploit CVE-2022-31656 and CVE-2022-31659 in impacted products is publicly available.” reads an update to the advisory published by the company.

The good news is that the vendor is not aware of attacks exploiting the vulnerabilities in attacks in the wild.

“VMware is not aware of exploitation of these vulnerabilities at the time of this publication.” reads an advisory published by the company.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, CVE-2022-31656)

[adrotate banner=”5″]

[adrotate banner=”13″]