VMware is warning customers about a vulnerability in its Verify two-factor authentication solution. Hackers appear to be able to circumvent the primary security measure for which Verify was designed.
VMware indicates that the security problem threatens its Workspace ONE Access product. VMware Verify takes care of the two-factor authentication. The vulnerability enables hackers to intercept the ‘second step’ in a two-factor authentication request and gain access regardless of their true identity.
Part of previous bug
The vulnerability is part of another vulnerability found in Workspace ONE Access. This vulnerability, CVE-2021-22057, allows hackers to use server-side request forgery (SSRF) to gain network access to execute HTTP requests to arbitrary sources.
VMware has since closed both vulnerabilities and released a new version of Workspace ONE Access. The latest version is 21.08.0.1. VMware also discovered a critical vulnerability relating to Log4j in VMware ONE Access UEM.