CVE-2022-22954

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2022-22954 is a significant software vulnerability that affects VMware's Workspace One Access and Identity Manager. This flaw in the software design or implementation allows for remote code execution, providing an attacker with the ability to execute arbitrary commands on the affected system. Over a 30-day period, there was a notable increase in the detection of this exploit, as illustrated by Figure 6: VMware.Workspace.ONE.Access.Catalog.Remote.Code.Execution (CVE-2022-22954) 30-day Daily Detection Count. This particular vulnerability was part of a trio of exploits that collectively accounted for nearly 90% of known cyber threats. The most prominent among these was Log4j (CVE-2021-44228), which constituted 44% of all known exploits. Alongside CVE-2022-22954, another significant threat was a BIG-IP F5 exploit (CVE-2022-1388). These three vulnerabilities together have been at the forefront of cybersecurity concerns. The combination of CVE-2022-22954 and another VMware vulnerability (CVE-2022-22960) ranked fourth in terms of threat severity. Despite not being the primary vulnerability, the potential harm from CVE-2022-22954 is substantial due to its capacity for remote code execution. Given the widespread use of VMware's Workspace One Access and Identity Manager, this vulnerability presents a considerable risk to many organizations and systems.
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Vulnerability
Exploit
Log4j
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
Log4ShellUnspecified
2
Log4Shell, a critical vulnerability in the logging feature of the Java programming language, also known as Log4j, was publicly disclosed on December 9th. This software flaw affected millions of devices and applications globally, including those in Estonia. The vulnerability, officially designated as
CVE-2022-1388Unspecified
2
CVE-2022-1388 is a critical vulnerability identified in the F5 BIG-IP iControl REST interface, which allows for an authentication bypass. This flaw in software design or implementation enables unauthorized users to gain access and control over the system without needing to authenticate their identit
CVE-2022-22960Unspecified
1
None
ProxyshellUnspecified
1
ProxyShell is a chain of three vulnerabilities (tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207) that affect Microsoft Exchange email servers. These vulnerabilities allow unauthenticated attackers to gain administrator access and execute remote code on unpatched servers. Discovered in
vmware.workspace.one.access.catalog.remote.code.execution Cve-2022-22954Unspecified
1
None
FollinaUnspecified
1
Follina, also known as CVE-2022-30190, is a notable software vulnerability that was discovered and exploited in the first half of 2022. This flaw, found in the Microsoft Windows Support Diagnostic Tool (MSDT), was weaponized by TA413, a cyber threat actor group with suspected ties to China. The grou
CVE-2021-44228Unspecified
1
CVE-2021-44228, also known as Log4Shell, is a critical vulnerability in the Apache Log4j software library that has been widely exploited since its discovery. This flaw in software design or implementation allows for remote code execution, making it a prime target for malicious actors. Despite multip
Source Document References
Information about the CVE-2022-22954 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
Malwarebytes
10 months ago
2022's most routinely exploited vulnerabilities—history repeats
CERT-EU
10 months ago
Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities
BankInfoSecurity
10 months ago
Patching Conundrum: 5-Year Old Flaw Again Tops Most-Hit List
CERT-EU
10 months ago
Unmasking the top exploited vulnerabilities of 2022 – GIXtools
CSO Online
a year ago
Fileless attacks surge as cybercriminals evade cloud security defenses
BankInfoSecurity
10 months ago
Patching Conundrum: 4-Year Old Flaw Again Tops Most-Hit List
CERT-EU
10 months ago
CISA Advisory of Top 42 Frequently Exploited Flaws of 2022
Securityaffairs
10 months ago
CISA, FBI, and NSA published the list of 12 most exploited vulnerabilities of 2022
Fortinet
a year ago
2022 IoT Threat Review | FortiGuard Labs
DARKReading
a year ago
3 Flaws, 1 War Dominated Cyber-Threat Landscape in 2022
CERT-EU
a year ago
Most Weaponized Vulnerabilities of 2022 and 5 Key Risks: Report
CERT-EU
10 months ago
Most exploited cyber vulnerabilities of 2022 revealed
CISA
10 months ago
2022 Top Routinely Exploited Vulnerabilities | CISA
CERT-EU
10 months ago
FBI, CISA, and NSA reveal top exploited vulnerabilities of 2022
CERT-EU
10 months ago
FBI, CISA, and NSA reveal top exploited vulnerabilities of 2022