TellYouThePass ransomware revived in Linux, Windows Log4j attacks
Credit card info of 1.8 million people stolen from sports gear sites
CISA urges VMware admins to patch critical flaw in Workspace ONE UEM
All Log4j, logback bugs we know so far and why you MUST ditch 2.15
New stealthy DarkWatchman malware hides in the Windows Registry
This $19 bundle helps fill your résumé with CompTIA certifications
Western Digital warns customers to update their My Cloud devices
Save 50% on access to 2,400 hours of IT training from ITU Online
Qualys BrowserCheck
STOPDecrypter
AuroraDecrypter
FilesLockerDecrypter
AdwCleaner
ComboFix
RKill
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Toksearches.xyz Search Redirect
Remove the Smashapps.net Search Redirect
Remove the Smashappsearch.com Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
eLearning
IT Certification Courses
Gear + Gadgets
Security
CISA urges VMware admins to patch critical flaw in Workspace ONE UEM
CISA has asked VMware admins and users today to patch a critical security vulnerability found in the Workspace ONE UEM console that threat actors could abuse to gain access to sensitive information.
Workspace ONE Unified Endpoint Management (ONE UEM) is a VMware solution for over-the-air remote management of desktops, mobile, rugged, wearables, and IoT devices.
The flaw tracked as CVE-2021-22054 is a server side request forgery (SSRF) vulnerability with a severity rating of 9.1/10 and impacting multiple ONE UEM console versions.
Unauthenticated threat actors can exploit this vulnerability remotely in low-complexity attacks without user interaction.
“A malicious actor with network access to UEM can send their requests without authentication and may exploit this issue to gain access to sensitive information,” VMware explained in a security advisory issued on Thursday.
“CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0029 and apply the necessary mitigation,” CISA said today.
VMware also provides short-term mitigation to block exploitation attempts if you cannot immediately deploy one of the patched versions in the above table.
The temporary workaround requires you to edit the UEM web.config file by following the steps outlined here and restarting all server instances on which this workaround has been applied.
VMware also provides steps to validate that the workaround will successfully block attacks using CVE-2021-22054 exploits.
To test if the workaround was correctly applied, you have to open a web browser and navigate to these URLs (you should only get 404 Not Found responses):
“IIS reset will cause logged-in administrators to the server instance being patched to log out. Administrators should be able to log back in shortly after,” VMware says.
Philips healthcare infomatics solution vulnerable to SQL injection
Upgraded to log4j 2.16? Surprise, there’s a 2.17 fixing DoS
All Log4j, logback bugs we know so far and why you MUST ditch 2.15
Conti ransomware uses Log4j bug to hack VMware vCenter servers
Log4j: List of vulnerable products and vendor advisories
Not a member yet? Register Now
This image looks very different on Apple devices — see for yourself
Conti ransomware uses Log4j bug to hack VMware vCenter servers
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.

source

You May Also Like

New stealthy DarkWatchman malware hides in the Windows Registry

TellYouThePass ransomware revived in Linux, Windows Log4j attacksCredit card info of 1.8…

Finland warns of Flubot malware heavily targeting Android users

FBI seized $2.3M from affiliate of REvil, Gandcrab ransomware gangsEwDoor botnet targets…

Cox discloses data breach after hacker impersonates support agent

Emotet now drops Cobalt Strike, fast forwards ransomware attacksSonicWall ‘strongly urges’ customers…

Void Balaur hackers-for-hire sell stolen mailboxes and private data

HPE says hackers breached Aruba Central using stolen access keyFBI warns of…