CVE-2022-22973

Vulnerability

The vulnerability, identified in VMware Workspace ONE Access and Identity Manager, allows a malicious actor with local access to escalate privileges to root. This affects VMware Workspace ONE Access (version unspecified in the reference) and VMware Identity Manager (version unspecified) as per VMSA-2022-0014 [1].

Exploitation

An attacker must have local access to the affected system. No additional authentication or user interaction is required beyond local access. The attack vector is local, meaning the attacker must be able to execute commands or run code on the target machine. The specific steps are not detailed in the reference, but the advisory confirms that local access is sufficient to trigger the privilege escalation [1].

Impact

Successful exploitation allows the attacker to escalate privileges to the root user, gaining full administrative control over the affected system. This results in complete compromise of confidentiality, integrity, and availability of the system [1].

Mitigation

VMware has released patches to remediate this vulnerability. The advisory VMSA-2022-0014.1 (updated on 2022-05-27) provides patching guidance for affected products including VMware Workspace ONE Access, Identity Manager, and vRealize Automation. Users should apply the latest updates from VMware. No workaround is mentioned in the reference [1].