BACKGROUND:
Right now there are some very critical VMware vulnerabilities that are ripe for exploitation and have some serious implications for anyone using vCenter. In light of this news, please see a comment from cybersecurity expert.
BACKGROUND:
Right now there are some very critical VMware vulnerabilities that are ripe for exploitation and have some serious implications for anyone using vCenter. In light of this news, please see a comment from cybersecurity expert.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p>The security flaws disclosed by VMware on Tuesday have several serious implications for any organization using vCenter. Our sensors show vCenter instances in 79% of enterprise environments. </p>
<p>As a VMware spokesperson acknowledged, chances are that someone is already on your network, looking for an avenue to perform remote code execution, and these VMware security flaws allow that and then some. The most critical, CVE-2021-22005, allows an attacker to execute both commands and software on any unpatched device. Other vulnerabilities provide additional avenues for remote code execution and privilege escalation. Strung together, these vulnerabilities could allow someone to inflict significant damage in a short period of time.</p>
<p>With the announcement of these security flaws, the clock is running on when POCs will become available for exploitation. The first step is to heed VMware’s advice. Patch these devices as soon as possible. The second step is to closely monitor your network for any anomalous activity that may indicate that a device has already been compromised.</p>