VMWare VCenter affected by multiple RCE vulnerabilities

THREAT LEVEL: Red.

For a detailed advisory, download the pdf file here.

Multiple Remote code execution vulnerabilities have been patched by VMWare today. These vulnerabilities (CVE-2021-21985, CVE-2021-21986) exist due to lack of validation in vSAN(Virtual SAN) Health Check Plug-in which is a default plug-in in vCenter Server. Anyone with an unauthorized network access to port 443 can exploit these by executing commands which do not require any privileges on the OS where vCenter server exists.

Vulnerability Details

Patch Link

https://www.vmware.com/security/advisories/VMSA-2021-0010.html

References

https://thehackernews.com/2021/05/critical-rce-vulnerability-found-in.html
https://www.tenable.com/blog/cve-2021-21985-critical-vmware-vcenter-server-remote-code-execution?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+tenable%2FqaXL+%28Tenable+Network+Security+Blog%29

VMWare VCenter affected by multiple RCE vulnerabilities

THREAT LEVEL: Red.

Vulnerability Details

Patch Link

References

FragAttacks – Allowing adversaries to steal data by intercepting vulnerable network traffic from Wi-Fi devices

Wormable vulnerability found in Windows HTTP Protocol Stack could result in malicious code execution on the OS kernel

Recent Posts