CVE-2022-22954

Pierluigi Paganini October 22, 2022
Threat actors exploit critical flaw in VMware Workspace ONE Access to drop ransomware, miners

Threat actors are exploiting a now-patched vulnerability, tracked as CVE-2022-22954, in VMware Workspace ONE Access in attacks in the wild. Threat actors are actively exploiting a now-patched vulnerability, tracked as CVE-2022-22954, in VMware Workspace ONE Access to deliver cryptocurrency miners and ransomware. The issue causes server-side template injection due to because of the lack of […]

Pierluigi Paganini April 26, 2022
Iran-linked APT Rocket Kitten exploited VMware bug in recent attacks

The Iran-linked APT group Rocket Kitten has been observed exploiting a recently patched CVE-2022-22954 VMware flaw. Iran-linked Rocket Kitten APT group has been observed exploiting a recently patched CVE-2022-22954 VMware Workspace ONE Access flaw to deploy ‘Core Impact’ Backdoor. The CVE-2022-22954 vulnerability is a server-side template injection remote code execution issue, it was rated 9.8 […]

Pierluigi Paganini April 14, 2022
Critical VMware Workspace ONE Access CVE-2022-22954 flaw actively exploited

Threat actors are actively exploiting a critical vulnerability in VMware Workspace ONE Access and Identity Manager recently patched by the vendor. Threat actors are actively exploiting a critical flaw, tracked as CVE-2022-22954, in VMware Workspace ONE Access and Identity Manager recently patched by the vendor. Researchers from cyber threat intelligence BadPackets also reported that the vulnerability […]