Expert Comment: VMware Vulnerabilities Ripe For Exploitation

BACKGROUND:

Right now there are some very critical VMware vulnerabilities that are ripe for exploitation and have some serious implications for anyone using vCenter. In light of this news, please see a comment from cybersecurity expert.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Jeff Costlow
Jeff Costlow , CISO
InfoSec Expert
September 23, 2021 12:36 pm

<p>The security flaws disclosed by VMware on Tuesday have several serious implications for any organization using vCenter. Our sensors show vCenter instances in 79% of enterprise environments. </p>
<p>As a VMware spokesperson acknowledged, chances are that someone is already on your network, looking for an avenue to perform remote code execution, and these VMware security flaws allow that and then some. The most critical, CVE-2021-22005, allows an attacker to execute both commands and software on any unpatched device. Other vulnerabilities provide additional avenues for remote code execution and privilege escalation. Strung together, these vulnerabilities could allow someone to inflict significant damage in a short period of time.</p>
<p>With the announcement of these security flaws, the clock is running on when POCs will become available for exploitation. The first step is to heed VMware’s advice. Patch these devices as soon as possible. The second step is to closely monitor your network for any anomalous activity that may indicate that a device has already been compromised.</p>

Last edited 1 year ago by Jeff Costlow
1
0
Would love your thoughts, please comment.x
()
x