VMware Advisory – Expert Comment

By   ISBuzz Team
Writer , Information Security Buzz | Feb 25, 2021 04:34 am PST

On Tuesday, VMWare published an advisory for multiple vulnerabilities, including two flaws, in VMware vCenter Server.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Satnam Narang
Satnam Narang , Senior Research Engineer
February 25, 2021 1:02 pm

<p>At least four proof-of-concept exploit scripts for CVE-2021-21972, a critical remote code execution flaw in VMWare’s vCenter Server solution are currently available. We know that the availability of proof-of-concept code or exploit scripts following the publication of a critical vulnerability is a boon for threat actors.</p> <p> </p> <p>While some cyber criminals may be adept at developing their own proof-of-concept exploits, threat actors are keen on leveraging what’s publicly available, as evidenced in the Copy Paste Compromises report from the Australian Cyber Security Centre in June 2020 that arrived at the same conclusion.</p> <p> </p> <p>There are confirmed reports that attackers are probing for vulnerable vCenter Server systems. According to a Shodan search, there are over 6,700 publicly accessible vCenter Servers. Coupled with the availability of these exploit scripts, it is all the more imperative for organizations to apply the available patches immediately instead of relying on temporary workarounds.</p>

Last edited 2 years ago by Satnam Narang

Recent Posts

Would love your thoughts, please comment.x