Three Critical Vulnerabilities Impacting VMware Workspace ONE Assist Server CVE-2022-31685, CVE-2022-31686 and CVE-2022-31687

Share :

On Tuesday, 8 November 2022, VMware disclosed three critical-severity vulnerabilities impacting VMware Workspace ONE Assist Server versions 21.x and 22.x. If successfully exploited, the reported vulnerabilities could lead to a threat actor obtaining administrative access to the application without the need to authenticate.  

Vulnerability  Vulnerability Type 
CVE-2022-31685 (CVSS 9.8)  Authentication bypass vulnerability 
CVE-2022-31686 (CVSS 9.8)  Broken authentication vulnerability 
CVE-2022-31687 (CVSS 9.8)  Broken access control vulnerability 

 

NOTE: Only VMware Workspace ONE Assist Server is impacted by these vulnerabilities. Assist for macOS, Assist for Android, Assist for Windows Desktop, Assist for Windows Mobile, Assist for VMware Horizon, and Assist for Linux are not impacted.  

Threat actors have historically targeted VMware Workspace ONE Access vulnerabilities, such as CVE-2022-22960. Arctic Wolf Labs strongly recommends applying the relevant security patches to impacted devices to remediate the vulnerabilities and prevent potential exploitation. 

Recommendation 

Upgrade Impacted Products to the Latest Version 

Arctic Wolf Labs strongly recommends upgrading to the latest version of VMware Workspace ONE Assist to prevent potential exploitation. The latest version can be found within VMware’s Knowledge Base: https://kb.vmware.com/s/article/89993  

Note: Arctic Wolf recommends following your organisation’s change management best practices for upgrading devices, including testing changes in a dev environment before deploying to production to avoid operational impact. 

If you have questions regarding the details of this bulletin, please reach out to your CST. 

Product  Vulnerable Version  Fixed Version 
Assist Server(s)  21.x and 22.x  22.10 


Reference
 

Steven Campbell

Steven Campbell

Steven Campbell is a Threat Intelligence Researcher at Arctic Wolf Labs and has more than eight years of experience in intelligence analysis and security research. He has a strong background in infrastructure analysis and adversary tradecraft.
Share :
Table of Contents
Categories