ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    VMWare vulnerabiliy being actively exploited

    News
    4
    4
    233
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JaredBuschJ
      JaredBusch
      last edited by

      This is not a drill: VMware vuln with 9.8 severity rating is under attack

      Code execution flaw in vCenter is exploited to install web shell on unpatched machines.

      A VMware vulnerability with a severity rating of 9.8 out of 10 is under active exploitation. At least one reliable exploit has gone public, and there have been successful attempts in the wild to compromise servers that run the vulnerable software.

      The vulnerability, tracked as CVE-2021-21985, resides in the vCenter Server, a tool for managing virtualization in large data centers. A VMware advisory published last week said vCenter machines using default configurations have a bug that, in many networks, allows for the execution of malicious code when the machines are reachable on a port that is exposed to the Internet.

      1 Reply Last reply Reply Quote 3
      • jclambertJ
        jclambert
        last edited by

        Thanks. I had not seen this yet!

        1 Reply Last reply Reply Quote 0
        • hobbit666H
          hobbit666
          last edited by

          1st on my Monday job list

          dafyreD 1 Reply Last reply Reply Quote 0
          • dafyreD
            dafyre @hobbit666
            last edited by

            @hobbit666 said in VMWare vulnerabiliy being actively exploited:

            1st on my Monday job list

            We patched our stuff last week.

            1 Reply Last reply Reply Quote 1
            • 1 / 1
            • First post
              Last post