all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CISA Alert AA22-138B – Threat actors chaining unpatched VMware vulnerabilities for full system control. [CISA Cybersecurity Alerts]

Add to bookmarks
May 20, 2022, 1:42 p.m. | CyberWire, Inc.

CyberWire Daily thecyberwire.com

CISA is releasing this cybersecurity advisory to warn organizations that malicious cyber actors are exploiting CVE-2022-22954 and CVE-2022-22960. These vulnerabilities affect versions of VMware products. Successful exploitation permits malicious actors to trigger a server-side template injection that may result in remote code execution or escalation of privileges to root level access. Based on this activity, CISA expects malicious cyber actors to quickly develop a capability to exploit newly released VMware vulnerabilities CVE-2022-22972 and CVE-2022-22973 in the same impacted VMware products. …

alert alerts cisa cisa alert control cybersecurity system threat threat actors unpatched vmware vulnerabilities

Visit resource

More from thecyberwire.com / CyberWire Daily

Cyber Talent Insights: Strengthening the cyber talent pipeline apparatus. (Part 3 of 3) [Special Edition] 3 hours ago | thecyberwire.com
center changing conversation cyber +17
The shadowy adversary in Cisco's crosshairs. 12 hours ago | thecyberwire.com
adaptive security adversary amazon amazon ring +35
Iran's covert cyber operations exposed. 1 day, 12 hours ago | thecyberwire.com
ban bcrypt brute charges +35
Visa crackdown against spyware swindlers. 2 days, 12 hours ago | thecyberwire.com
apps apt28 breach crackdown +29
Renewed surveillance sparks controversy. 3 days, 12 hours ago | thecyberwire.com
actively exploited apps attention breach +29
Encore: Kiersten Todt: problem solving and building solutions. [Policy] [Career Notes] 5 days, 1 hour ago | thecyberwire.com
building businesses career cyber +19
Cloud Architect vs Detection Engineer: Mutual benefit. [CyberWire-X] 5 days, 3 hours ago | thecyberwire.com
architect benefits brian cloud +15
The art of information gathering. [Research Saturday] 6 days, 1 hour ago | thecyberwire.com
abuse art conversation discuss +23
Swift responses to cyberattacks. 6 days, 11 hours ago | thecyberwire.com
akira akira ransomware auto businesses +25

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cyber Security Cloud Solution Architect

@ Microsoft | London, London, United Kingdom
View on infosec-jobs.com

Compliance Program Analyst

@ SailPoint | United States
View on infosec-jobs.com

Software Engineer III, Infrastructure, Google Cloud Security and Privacy

@ Google | Sunnyvale, CA, USA
View on infosec-jobs.com

Cryptography Expert

@ Raiffeisen Bank Ukraine | Kyiv, Kyiv city, Ukraine
View on infosec-jobs.com

Senior Cyber Intelligence Planner (15.09)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com
View more jobs