Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Vulnerabilities in VMware Workspace ONE Assist
Alerts

Critical Vulnerabilities in VMware Workspace ONE Assist

9 November 2022

VMware has released security updates to address three critical vulnerabilities (CVE-2022-31685, CVE-2022-31686, CVE-2022-31687) in their VMware Workspace ONE Assist product. The three vulnerabilities each have a Common Vulnerability Scoring System (CVSSv3) score of 9.8 out of 10.

Successful exploitation of any one of these three vulnerabilities could allow an attacker with network access to obtain administrative access without the need to authenticate to the application.

VMware Workspace ONE Assist versions 21.x and 22.x are affected by these vulnerabilities. Administrators and users of the affected product versions are advised to upgrade to the latest version immediately.

More information is available here:

https://www.vmware.com/security/advisories/VMSA-2022-0028.html

Back to top