1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. VMware Multiple Products Privilege Escalation Vulnerability

Known Exploited Vulnerabilities CVE-2022-22960

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2022-22960 VMware Multiple Products Privilege Escalation Vulnerability exploitation_technique T1222 File and Directory Permissions Modification
Comments
This vulnerability allows adversaries with local access to escalate privileges to root. Adversaries have been observed chaining this following exploit of CVE-2022-22954.
References
  1. https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-138b