
Affected Systems: VMware Workspace ONE Assist (Assist) Server

Description:

VMware has released a security update that patches three vulnerabilities of critical severity and two other moderate severity vulnerabilities. These vulnerabilities affect VMware’s Workspace ONE Assist, a system which provides remote access, screen sharing, and system management. It is designed for IT staff to remotely troubleshoot and fix devices.

The three critical vulnerabilities affect Assist’s authentication methods. Tracked as CVE-2022-31685, CVE-2022-31686, and CVE-2022-31687, they all allow a malicious actor with network access to obtain administrative access without needing to authenticate to the application. VMware has evaluated these vulnerabilities to have a CVSSv3 base score of 9.8 out of 10. There are no available workarounds to mitigate these vulnerabilities besides updating Assist to the latest version.

The two other vulnerabilities patched in this update include CVE-2022-31688, a reflected cross-site scripting vulnerability, and CVE-2022-31689, a session fixation vulnerability.

These bugs are patched in Workspace ONE Assist version 22.10. VMware has released an article detailing other issues and new features included in the update.

As the vulnerabilities are now publicly disclosed, threat actors may begin attempting to exploit them. It is highly recommended that administrators update Workspace ONE Assist as soon as possible.

Related Links: