Expert Comment: VMware Vulnerabilities Ripe For Exploitation

BACKGROUND:

Right now there are some very critical VMware vulnerabilities that are ripe for exploitation and have some serious implications for anyone using vCenter. In light of this news, please see a comment from cybersecurity expert.

Experts Comments

September 23, 2021
Jeff Costlow
CISO
ExtraHop

The security flaws disclosed by VMware on Tuesday have several serious implications for any organization using vCenter. Our sensors show vCenter instances in 79% of enterprise environments. 

As a VMware spokesperson acknowledged, chances are that someone is already on your network, looking for an avenue to perform remote code execution, and these VMware security flaws allow that and then some. The most critical, CVE-2021-22005, allows an attacker to execute both commands and software on any

.....Read More

The security flaws disclosed by VMware on Tuesday have several serious implications for any organization using vCenter. Our sensors show vCenter instances in 79% of enterprise environments. 

As a VMware spokesperson acknowledged, chances are that someone is already on your network, looking for an avenue to perform remote code execution, and these VMware security flaws allow that and then some. The most critical, CVE-2021-22005, allows an attacker to execute both commands and software on any unpatched device. Other vulnerabilities provide additional avenues for remote code execution and privilege escalation. Strung together, these vulnerabilities could allow someone to inflict significant damage in a short period of time.

With the announcement of these security flaws, the clock is running on when POCs will become available for exploitation. The first step is to heed VMware’s advice. Patch these devices as soon as possible. The second step is to closely monitor your network for any anomalous activity that may indicate that a device has already been compromised.

  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.