VMware has fixed three critically-rated flaws across its virtualisation products that could be exploited by hackers to conduct remote code execution attacks against enterprise systems.
The firm has issued updates for three flaws present across its VMware ESXi bare-metal hypervisor and vSphere Client virtual infrastructure management platform, including a severe bug rated 9.8 out of ten on the CVSS scale.
This vulnerability, tracked as CVE-2021-21972, is embedded in a vCenter Server plugin in the vSphere Client. Attackers with network access to port 443 may exploit this to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.
Also patched is CVE-2021-21974, which is a heap buffer overflow vulnerability in the OpenSLP component of ESXi and is also rated a severe 8.8. Cyber criminals lying dormant within the same network segment as ESXi, also with access to port 427, may trigger the issue in OpenSLP which could also result in remote code execution.
Finally, CVE-2021-21973 is a server-side request forgery (SSRF) flaw in vSphere Client which has arisen due to improper validation of URLs in a vCenter Server plugin. This is not as severe as the other two bugs, having only been rated 5.3, but can also be exploited by those with access to port 443 to leak information.
There are workarounds that users can deploy for both CVE-2021-21972 and CVE-2021-21973 that are detailed here until a fix is deployed by the system administrator.
Users can patch these flaws, however, by updating the products to the most recent versions. These include 7.0 U1c, 6.7U3I and 6.5 U3n of vCenter Server, 4.2 and 3.10.1.2 of Cloud Foundation, as well as ESXi70U1c-17325551, ESXi670-202102401-SG and ESXi650-202102101-SG of ESXi.
These vulnerabilities were privately brought to the attention of VMware and customers are urged to patch their systems immediately.
-
M&S suspends online sales as 'cyber incident' continuesNews Marks & Spencer (M&S) has informed customers that all online and app sales have been suspended as the high street retailer battles a ‘cyber incident’.
-
Manners cost nothing, unless you’re using ChatGPTOpinion Polite users are costing OpenAI millions of dollars each year – but Ps and Qs are a small dent in what ChatGPT could cost the planet
-
Barracuda Networks says hacked devices “must be immediately replaced” despite patchesNews Seven-month exploitation of a critical vulnerability enabled persistent backdoor access in its email security gateway devices
-
The IT Pro Podcast: The problem with APIsIT Pro Podcast With API attacks on the rise, knowing your attack surface is crucial
-
Podcast transcript: The problem with APIsIT Pro Podcast Read the full transcript for this episode of the IT Pro Podcast
-
GTA V vulnerability exposes PC users to partial remote code execution attacksNews Millions of GTA Online players could fall prey to malware or data corruption
-
MSI to release securer BIOS settings after critical flaw discoveredNews The firm has admitted it essentially disabled Secure Boot on its motherboards in an attempt to improve customisability
-
China-backed hackers take down Amnesty International Canada for three weeksNews Cyber security experts linked state-sponsored APTs to the tools and methodology of the attack, which may have been intended as a covert campaign
-
Hyundai vulnerability allowed remote hacking of locks, engineNews Researchers discovered flaws in a number of apps linked to car brands that allowed for personal details and remote control of vehicles using easily-obtained IDs
-
Lenovo patches ThinkPad, Yoga, IdeaPad UEFI secure boot vulnerabilityNews Mistakenly used drivers could allow hackers to modify the secure boot process
