Lucene search
K

17 matches found

Check Point Advisories
Check Point Advisories
added 2021/11/29 12:0 a.m.6 views

VMWare Workspace Command Injection (CVE-2020-4006)

A command injection vulnerability exists in multiple VMWare products. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS5.8AI score0.23771EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/05/08 12:24 p.m.522 views

Top 12 Security Flaws Russian Spy Hackers Are Exploiting in the Wild

Cyber operatives affiliated with the Russian Foreign Intelligence Service SVR have switched up their tactics in response to previous public disclosures of their attack methods, according to a new advisory jointly published by intelligence agencies from the U.K. and U.S. Friday. "SVR cyber operato...

10CVSS0.4AI score0.99999EPSS
Exploits356
The Hacker News
The Hacker News
added 2020/12/08 5:44 a.m.6 views

NSA Warns Russian Hacker Exploiting VMware Bug to Breach Corporate Networks

The US National Security Agency NSA on Monday issued an advisory warning that Russian threat actors are leveraging recently disclosed VMware vulnerability to install malware on corporate systems and access protected data. Specifics regarding the identities of the threat actor exploiting the VMwar...

9.1CVSS7.6AI score0.23771EPSS
Exploits0
The Hacker News
The Hacker News
added 2020/12/08 5:44 a.m.130 views

NSA Warns Russian Hacker Exploiting VMware Bug to Breach Corporate Networks

The US National Security Agency NSA on Monday issued an advisory warning that Russian threat actors are leveraging recently disclosed VMware vulnerability to install malware on corporate systems and access protected data. Specifics regarding the identities of the threat actor exploiting the VMwar...

9.1CVSS1.1AI score0.23771EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/12/08 12:0 a.m.133 views

VMware Workspace One Access / VMware Identity Manager Command Injection Vulnerability (VMSA-2020-0027)

The VMware Workspace One Access formerly VMware Identity Manager application running on the remote host is affected by a unspecified command injection vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version. C Tenable...

9.1CVSS8.8AI score0.23771EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2020/12/07 10:6 p.m.106 views

NSA Warns: Patched VMware Bug Under Active Attack

Active attacks against a flaw in VMware’s Workspace One Access continue, three days after the vendor patched the vulnerability and urged customers to fix the bug classified as a zero-day at the time. Now the U.S. National Security Agency NSA has escalated concerns and on Monday warned that foreig...

9CVSS0.7AI score0.23771EPSS
Exploits0References13
CISA
CISA
added 2020/12/07 12:0 a.m.168 views

NSA Releases Advisory on Russian State-Sponsored Malicious Cyber Actors Exploiting CVE-2020-4006

The National Security Agency NSA has released a Cybersecurity Advisory on Russian state-sponsored actors exploiting CVE-2020-4006, a command-injection vulnerability in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. The actors were found exploiting...

9CVSS3.4AI score0.23771EPSS
Exploits0References3
CISA
CISA
added 2020/12/03 12:0 a.m.111 views

VMware Releases Security Updates to Address CVE-2020-4006

VMware has released security updates to address a vulnerability—CVE-2020-4006—in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructur...

9CVSS2.7AI score0.23771EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2020/11/24 7:8 a.m.181 views

Critical Unpatched VMware Flaw Affects Multiple Corporates Products

VMware has released temporary workarounds to address a critical vulnerability in its products that could be exploited by an attacker to take control of an affected system. "A malicious actor with network access to the administrative configurator on port 8443 and a valid password for the...

9.1CVSS2.1AI score0.23771EPSS
Exploits0
The Hacker News
The Hacker News
added 2020/11/24 7:8 a.m.4 views

Critical Unpatched VMware Flaw Affects Multiple Corporates Products

VMware has released temporary workarounds to address a critical vulnerability in its products that could be exploited by an attacker to take control of an affected system. "A malicious actor with network access to the administrative configurator on port 8443 and a valid password for the...

9.1CVSS7.6AI score0.23771EPSS
Exploits0
Circl
Circl
added 2020/11/24 12:46 a.m.7 views

CVE-2020-4006

creationtimestamp| type| source ---|---|--- 2020-11-24 00:46:21+00:00| seen| https://t.me/cibsecurity/16761 2020-11-24 06:05:07+00:00| seen| https://t.me/cKure/2959 2020-11-24 08:29:30+00:00| seen| https://t.me/thehackernews/906 2020-11-26 00:48:50+00:00| published-proof-of-concept|...

9.1CVSS7.5AI score0.23771EPSS
Exploits0References13
ThreatPost
ThreatPost
added 2020/11/23 9:46 p.m.108 views

Critical VMware Zero-Day Bug Allows Command Injection; Patch Pending

The U.S. Cybersecurity and Infrastructure Security Agency is warning of a zero-day bug affecting six VMware products including its Workspace One, Identity Manager and vRealize Suite Lifecycle Manager. The critical unpatched bug is a command injection vulnerability. In a separate VMware advisory,...

9.8AI score0.23771EPSS
Exploits0References6
CVE
CVE
added 2020/11/23 9:22 p.m.1290 views

CVE-2020-4006

CVE-2020-4006 (VMware) is a remote command-injection flaw in VMware Workspace ONE Access, Access Connector, Identity Manager, and Identity Manager Connector. A attacker with network access to the administrative configurator (port 8443) and valid credentials could execute commands with unrestricte...

9.1CVSS9.4AI score0.23771EPSS
In wildExploits0References3Affected Software3
ATTACKERKB
ATTACKERKB
added 2020/11/23 12:0 a.m.63 views

CVE-2020-4006

VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability. Recent assessments: ccondon-r7 at December 10, 2020 7:54pm UTC reported: I’ve seen some news headlines with very scary-sounding words “ransacking...

9.1CVSS9.6AI score0.23771EPSS
In wildExploits0References2
CERT
CERT
added 2020/11/23 12:0 a.m.53 views

VMware Workspace ONE Access and related components are vulnerable to command injection

Overview VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector are vulnerable to command injection in the administrative configurator. This could allow a remote attacker to execute commands with unrestricted privileges on the underlying operating system...

9.1CVSS9.7AI score0.23771EPSS
Exploits0References3
CISA
CISA
added 2020/11/23 12:0 a.m.42 views

VMware Releases Workarounds for CVE-2020-4006

VMware has released workarounds to address a vulnerability—CVE-2020-4006—in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure...

9CVSS3.4AI score0.23771EPSS
Exploits0References2
VMware
VMware
added 2020/11/21 12:0 a.m.15 views

VMSA-2020-0027:VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address command injection vulnerability

Advisory ID: VMSA-2020-0027.2 CVSSv3 Range: 7.2 Issue Date:2020-11-23 Updated On: 2020-12-03 CVEs: CVE-2020-4006 Synopsis: VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address command injection vulnerability RSS Feed Download PDF Download Text Fi...

9.1CVSS8.2AI score0.23771EPSS
Exploits0References40Affected Software5
Rows per page
Query Builder