CVE-2022-22960

HIGH KEV

VMware Workspace ONE Access CVE-2022-22960

Title source: metasploit

Description

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'.

Exploits (1)

metasploit WORKING POC GOOD
by mr_me, jheysel-r7 · ruby · poc · unix
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/vmware_workspace_one_access_cve_2022_22960.rb

Scores

CVSS v3 7.8
EPSS 0.7266
EPSS Percentile 98.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-04-15
VulnCheck KEV 2022-04-06
InTheWild.io 2022-04-15
ENISA EUVD EUVD-2022-28083
CWE CWE-732
Status published
Products (11)
vmware/cloud_foundation 3.0 - 5.0
vmware/identity_manager 3.3.3
vmware/identity_manager 3.3.4
vmware/identity_manager 3.3.5
vmware/identity_manager 3.3.6
vmware/vrealize_automation 7.6
vmware/vrealize_suite_lifecycle_manager 8.0 - 9.0
vmware/workspace_one_access 20.10.0.0
vmware/workspace_one_access 20.10.0.1
vmware/workspace_one_access 21.08.0.0
... and 1 more
Published Apr 13, 2022
KEV Added Apr 15, 2022
Tracked Since Feb 18, 2026