CVE-2022-31660

Vulnerability

CVE-2022-31660 is a privilege escalation vulnerability in VMware Workspace ONE Access, Identity Manager, and vRealize Automation. The vulnerability allows a malicious actor with local access to the affected system to escalate privileges to root. The advisory [1] indicates this issue affects multiple VMware products and is part of a larger set of vulnerabilities patched in the August 2022 update bundle (VMSA-2022-0021). Exact affected versions are detailed in the VMware advisory [1].

Exploitation

Exploitation requires the attacker to have local access to the impacted system. No additional authentication or user interaction is mentioned. The attacker must be able to execute code or commands locally on the vulnerable appliance. The advisory [1] does not provide a detailed exploit sequence, but the vulnerability is classified as a privilege escalation, meaning the attacker can leverage existing local access to gain higher privileges.

Impact

Successful exploitation allows an attacker with local access to elevate their privileges to root, the highest level of access on the system. This grants full control over the affected appliance, enabling the attacker to perform any action, including reading, modifying, or deleting sensitive data and system configurations.

Mitigation

VMware has released patches to address CVE-2022-31660 as part of the VMSA-2022-0021 advisory [1]. The fixed versions are listed in the advisory. Users should immediately update their deployments to the latest supported versions. No workarounds are provided in the advisory [1].