Hello, welcome to the Thursday, May 19, 2020 edition of the Sandsenet Storm Center's Stormcast. My name is Johannes Ulrich,

and I'm recording from Jacksonville, Florida. Well, let's start with VMware today. We got another

critical war on ability that VMware patched the CBE 2020-9772. It's an off-occation bypass,

and it does affect VMware Workspace 1-AXX, Identity Manager, we realize automation. And VMware

did assign it a CVSSV3 base score of 9.8.

An attacker does need access to the user interface and will be able to gain administrative

access without the need for any of occasion.

So VMware does recommend that you apply the patch quickly.

No exploit yet as far as I know,

but of course they tend to come pretty quickly.

And the tricky part here is a little bit

that the vulnerable component here really

is the VMware Identity Manager.

So if you have this deployed with any other VMware products, you may also have an issue.

And talking about these vulnerabilities being exploited rather quickly in April,

VMware did publish security advisories that listed a number of different vulnerabilities,

including a server-side template injection issue,

essentially an arbitrary code execution vulnerability that could be exploited also via the web

interface.

Well, Barakuta is now reporting that this vulnerability is already being exploited, so definitely

patch now.

And applying this new patch should actually also fix this older vulnerability.

...