VMware’s virtualization management platform, vCenter Server, has a critical severity bug the company is urging customers to patch “as soon as possible”.
VMware Urges Rapid Patching for Serious vCenter Server Bug
VMware is warning all vCenter Server administrators to patch their software to fix both a serious vulnerability that could be used to execute arbitrary code, as well as a separate authentication flaw.
Administrators use vCenter Server to manage installations of vSphere, which is VMware's virtualization platform.
"The vulnerabilities need your immediate attention if you are using vCenter Server," VMware's Bob Plankers says in a blog post. "All environments are different, have different tolerance for risk, and have different security controls and defense-in-depth to mitigate risk, so the decision on how to proceed is up to you," he writes. "However, given the severity, we strongly recommend that you act."
Critical RCE Vulnerability Discovered in VMware vCenter Server May 26, 2021 11:32 GMT
VMware has released fixes to address a significant vulnerability in vCenter Server that can be exploited by an attacker to execute arbitrary code on the server.
The vulnerability, identified as CVE-2021-21985 (CVSS score 9.8), originates from a lack of input validation in the Virtual SAN (vSAN) Health Check plug-in. This plug-in is enabled by default in vCenter Server.
VMware said in its advisory that "a malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server."
By Juha Saarinen on Feb 25, 2021 11:27AM
Patches available for no-authentication vulnerability with public proof-of-concept.
Administrators are advised to patch their VMware vCenter servers as soon as possible, after a proof of concept for a critical remote code execution (RCE) vulnerability that requires no authentication to exploit was released publicly.
Positive Technologies security researcher Mikhail Klyuchnikov reported the RCE vulnerability to VMware in October last year, but kept details of the flaw under wraps.
However, a Chinese security vendor, Noah Lab, published a proof of concept for vCenter RCE today.
Mass scans for the vulnerability are currently taking place, security vendor Bad Packets said.