Remote code execution in several VMware Products
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2020-4006 |
| CWE-ID | CWE-77 |
| Exploitation vector | Network |
| Public exploit | Vulnerability #1 is being exploited in the wild. |
| Vulnerable software |
VMware Workspace One Access Operating systems & Components / Operating system package or component VMware Workspace One Access Connector Other software / Other software solutions vRealize Suite Lifecycle Manager Other software / Other software solutions VMware Identity Manager Server applications / Directory software, identity management VMware Identity Manager Connector Server applications / Other server solutions Cloud Foundation Client/Desktop applications / Virtualization software |
| Vendor | VMware, Inc |
Security Bulletin
This security bulletin contains information about 1 vulnerabilities.
Updated: 08.12.2020
Changed bulletin patch status to fixed, raised risk level from low to medium.
1) Command Injection
EUVDB-ID: #VU48624
Risk: Medium
CVSSv4.0: 8.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Green]
CVE-ID: CVE-2020-4006
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the administrative configurator. A remote administrator can pass specially crafted data to the application and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsVMware Workspace One Access: 20.01 - 20.10
VMware Workspace One Access Connector: 20.01.0.0 - 20.10
VMware Identity Manager: 3.3.1 - 3.3.3
VMware Identity Manager Connector: 3.3.1 - 3.32
Cloud Foundation: 4.0
vRealize Suite Lifecycle Manager: 8.0
CPE2.3- cpe:2.3:o:vmware:vmware_access:20.01:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:vmware_access:20.10:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_access_connector:20.01.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_access_connector:20.01.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_access_connector:20.10:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:identity_manager:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:identity_manager:3.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_vidm_connector:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_vidm_connector:3.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_cloud_foundation:*:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*
https://www.vmware.com/security/advisories/VMSA-2020-0027.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
