Attackers are exploiting VMware RCE to deliver malware (CVE-2022-22954)

Cyber crooks have begun exploiting CVE-2022-22954, a RCE vulnerability in VMware Workspace ONE Access and Identity Manager, to deliver cryptominers onto vulnerable systems. About CVE-2022-22954 CVE-2022-22954 is, in effect, a server-side template injection vulnerability that can be triggered by a malicious actor with network access to achieve remote code execution. It was reported to VMware privately and a fix and a workaround for it was released on April 6, along with fixes for seven other … More →

The post …

attackers cve cybercriminals don't miss exploit featured news malware poc rce vmware vulnerability