VMWare vulnerabiliy being actively exploited
-
This is not a drill: VMware vuln with 9.8 severity rating is under attack
Code execution flaw in vCenter is exploited to install web shell on unpatched machines.
A VMware vulnerability with a severity rating of 9.8 out of 10 is under active exploitation. At least one reliable exploit has gone public, and there have been successful attempts in the wild to compromise servers that run the vulnerable software.
The vulnerability, tracked as CVE-2021-21985, resides in the vCenter Server, a tool for managing virtualization in large data centers. A VMware advisory published last week said vCenter machines using default configurations have a bug that, in many networks, allows for the execution of malicious code when the machines are reachable on a port that is exposed to the Internet.
-
Thanks. I had not seen this yet!
-
1st on my Monday job list
-
@hobbit666 said in VMWare vulnerabiliy being actively exploited:
1st on my Monday job list
We patched our stuff last week.