NSA Warns Nation-State Actors Exploiting Remote Work Endpoints
Health IT Security
The NSA released an alert that warns all organizations to apply recommended mitigation measures for a vulnerability found in certain VMWare Workspace platforms. Nation-state actors with ties to Russia are actively exploiting the remote work platforms to gain access to enterprise networks.
Disclosed in late November, the command-injection vulnerability, CVE-2020-4006, is found in the administrative configurator of certain VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector platforms.
If exploited, a remote attacker with valid credentials and access to the administrative configurator on port 8443 could execute commands with unrestricted privileges on the targeted operating system.
VMWare ranked the vulnerability as...