CISA Alert AA22-138B – Threat actors chaining unpatched VMware vulnerabilities for full system control. - podcast episode cover

CISA Alert AA22-138B – Threat actors chaining unpatched VMware vulnerabilities for full system control.

CISA Cybersecurity Alerts
May 20, 20223 minSeason 1Ep. 18
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

CISA is releasing this cybersecurity advisory to warn organizations that malicious cyber actors are exploiting CVE-2022-22954 and CVE-2022-22960. These vulnerabilities affect versions of VMware products. Successful exploitation permits malicious actors to trigger a server-side template injection that may result in remote code execution or escalation of privileges to root level access. Based on this activity, CISA expects malicious cyber actors to quickly develop a capability to exploit newly released VMware vulnerabilities CVE-2022-22972 and CVE-2022-22973 in the same impacted VMware products.

AA22-138B Alert, Technical Details, and Mitigations

AA22-138B.stix

Emergency Directive 22-03 Mitigate VMware Vulnerabilities

VMware Security Advisory VMSA-2022-0011

VMware Security Advisory VMSA-2022-0014

All organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at central@cisa.dhs.gov or (888) 282-0870 and to the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov.

Learn more about your ad choices. Visit megaphone.fm/adchoices

For the best experience, listen in Metacast app for iOS or Android