CVE-2022-31664

Vulnerability

CVE-2022-31664 is a privilege escalation vulnerability affecting VMware Workspace ONE Access, Identity Manager, and vRealize Automation. The bug resides in a privileged component of these products and can be triggered by a local attacker without requiring elevated privileges. The vulnerability affects versions prior to the fixed releases detailed in the VMware advisory VMSA-2022-0021 [1].

Exploitation

An attacker with local access to an affected system can exploit this vulnerability to escalate privileges to root. No user interaction or additional authentication is required beyond initial local system access. The exact exploitation steps are not publicly disclosed but rely on the local attacker's ability to execute code or manipulate system resources.

Impact

Successful exploitation allows the attacker to gain full root privileges on the affected system, leading to complete compromise of the host. This includes the ability to read, modify, or delete any data, install software, and create new accounts with unrestricted access. The confidentiality, integrity, and availability of the system are all at risk.

Mitigation

VMware released security updates addressing this vulnerability on August 2, 2022, as part of VMSA-2022-0021 [1]. Affected users should apply the latest patches for their respective products (Workspace ONE Access, Identity Manager, and vRealize Automation) immediately. No workarounds are available; upgrading to the fixed versions is the only mitigation. The advisory does not list CVE-2022-31664 in the CISA Known Exploited Vulnerabilities catalog as of the update.