Connect with us

Hi, what are you looking for?

Hard News Hard Hitting News Source Global Political News

Cyber Security

VMware security warning: Multiple vulnerabilities in vCenter Server could allow remote network access

Multiple critical security vulnerabilities in two VMware network administration tools that could allow an attacker to have full access to an organization’s network have been patched.

Users of the vCenter Server and Cloud Foundation products are urged to update immediately to protect against the issues, which are being tracked collectively as VMSA-2021-0020.

The most critical issue (CVE-2021-22005) is a file upload vulnerability that can be used to execute commands and software on the vCenter Server Appliance.

security advisory issued yesterday (September 21) warns that the vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of the configuration settings of vCenter Server.

While the other issues have lower CVSS scores, VMware has warned that they may still be usable to an attacker that is already inside an organization’s network.

The advisory reads: “One of the biggest problems facing IT today is that attackers often compromise a desktop and/or user account on the corporate network, and then patiently and quietly use that to break into other systems over long periods of time.

“They steal confidential data, intellectual property, and at the end install ransomware and extort payments from their victims.

“Less urgent security vulnerabilities can still be potential tools in the hands of attackers, so VMware always recommends patching to remove them.”

Patch batch

Among the other bugs in vCenter Server are a local privilege escalation vulnerability (CVE-2021-21991), a reverse proxy bypass vulnerability (CVE-2021-22006), and improper permission local privilege escalation vulnerabilities (CVE-2021-22015).

Chris Sedgewick, director of security operations at Talion, commented: “Due to its global prevalence VMWare is a lucrative platform for attackers to target, and recently VMWare exploits have been extremely popular, with sophisticated state-backed groups and intelligence services utilizing them to assist in the successful execution of their campaigns.

“Back in May, a similar exploit in vCenter was disclosed after Russian threat groups were exploiting it. Therefore, it is especially important for users to take swift action by quickly follow the recommended actions and implement the security updates for VMWare.”

There is a workaround available to mitigate the most critical vulnerability, however users are advised to patch their software against all issues.

VMware wrote: “All vulnerabilities, even ones with lower CVSS scores, are tools in the hands of attackers. We urge customers to patch vCenter Server immediately.”

More information including a FAQ can be found on the VMware blog.

Source: https://portswigger.net/daily-swig/vmware-security-warning-multiple-vulnerabilities-in-vcenter-server-could-allow-remote-network-access

Advertisement. Scroll to continue reading.
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

Zero Trust Data Access (ZTDA) constitutes a fundamental aspect of the wider Zero Trust security framework, which entails limiting data access. The Zero Trust security approach...

Cyber Security

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies three weeks to secure Adobe ColdFusion servers on their networks against two...

Cyber Security

Businesses and developers are focusing more on the security of applications in their digital environment as cyber threats and data breaches continue escalating. The...

Cyber Security

HCL BigFix is an endpoint management platform that has the capability to automate discovery, management, and remediation. It can find and fix vulnerabilities on...

Copyright © 2023 Hard News Herd Hitting in Your Face News Source | World News | Breaking News | US News | Political News Website by Top Search SEO