Posted on Leave a comment

Remote code execution vulnerability found VMware vCenter server.

Critical vulnerability has been found on VMware vCenter Server which can lead to Remote code execution attacks.

Vcenter Server is a server management solution which helps the administrators to manage virtual machines and virtualized hosts via a single console.

Ricter Z from Noah Lab has privately reported the bug which can be exploited by the unauthenticated attackers . The vulnerability has been rated with 9.8 out of 10 in CVSS score and tracked as CVE-2021-21985.

VMware has stated “A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.

Additionally the company has mentioned that vCenter Server 6.5, 6.7, and 7.0 had been impacted with this vulnerability. Luckily they had released the necessary workaround / Patches which can be implemented to protect from this vulnerability.

CyberWorkx readers can find out the vulnerability notification from this link

VMware has urged the customer to apply these patches / workarounds on emergency basis and suggested “ Organizations who have placed their vCenter Servers on networks that are directly accessible from the Internet may not have that line of defense and should audit their systems for compromise. They should also take steps to implement more perimeter security controls (firewalls, ACLs, etc.) on the management interfaces of their infrastructure.”

–-For more Cyber security news in crisp content . Please follow our site.

Leave a Reply