Nation-State Actors Are Targeting a VMware Vulnerability In The Wild (CVE-2020-4006)

The National Security Advisory (NSA) released a cybersecurity advisory detailing activity linked to a Russian state-sponsored threat actor. According to the NSA, the threat actor is exploiting CVE-2020-4006, a command injection vulnerability in the administrative configurator component in certain VMware products. The affected products include:

• VMware Workspace One Access
• VMware Workspace One Access Connector
• VMware Identity Manager
• VMware Identity Manager Connector
• VMware Cloud Foundation
• vRealize Suite Lifecycle Manager

For more information about the vulnerability, including the availability of patches and Tenable product coverage, please visit our blog.