Palo Alto Networks Unit 42 researchers released a new report “Network Security Trends” that highlights how attackers are exploiting remote code execution (RCE), cross-site scripting (XSS), traversal and information disclosure vulnerabilities in multiple vendor products.
The Cybersecurity and Infrastructure Security Agency (CISA) has added a Critical VMware Workspace ONE Access and Identity Manager vulnerability to its Known Exploited Vulnerabilities Catalog. VMware also confirmed known exploits in the wild have been detected for CVE-2022-22954.
VMware has released Critical updates for VMware Workspace ONE Access, Identity Manager and vRealize that address multiple vulnerabilities. VMware also updated the advisory to confirm there is known exploits in the wild for one of those vulnerabilities CVE-2022-22954.