The malicious actors are going after the that is unpatched against a critical arbitrary file upload vulnerability. VMware vCenter servers vulnerable to arbitrary file upload leading to remote code execution ( ). There’s no exploit code that’s been made public – yet – but within hours of VMware’s disclosure, threat intelligence firm Bad Packets began to see attackers scanning some of its VMware honeypots for the critical vulnerability.ĬVE-2021-22005 scanning activity detected from 116.48.233.234 (□□). “This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of the configuration settings of vCenter Server,” said Bob Plankers, Technical Marketing Architect at VMware.Ġ92321 0935 UPDATE: On Wednesday afternoon, Bad Packets revealed that it had spotted threat actors scanning for vulnerable vCenter servers that haven’t yet applied VMware’s CVE-2021-22005 update. They’re all serious, but one – CVE-2021-22005, a critical arbitrary file upload vulnerability in the Analytics service that’s been assigned the maximum CVSSv3 base score of 9.8 – is uber nasty. VMware has released a security update that includes patches for 19 CVE-numbered vulnerabilities that affect the company’s vCenter Server virtualization management platform and its hybrid Cloud Foundation platform for managing VMs and orchestrating containers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |