Security News > 2020 > November > VMware Patches Vulnerabilities Exploited at Chinese Hacking Contest

VMware Patches Vulnerabilities Exploited at Chinese Hacking Contest
2020-11-20 12:02

VMware on Thursday announced releasing patches for a couple of serious ESXi vulnerabilities that were demonstrated at a recent hacking contest in China.

The 360 ESG Vulnerability Research Institute from Chinese cybersecurity company Qihoo 360 earned more than $740,000 of the total, including $180,000 for a VMware ESXi guest to host escape exploit.

VMware was monitoring the event and it immediately started working on patches.

An advisory published by VMware describes two vulnerabilities that were chained at the hacking competition - it's unclear if there are other flaws involved as well.

VMware this week also patched a series of vulnerabilities in its SD-WAN Orchestrator product that could have allowed an unauthenticated attacker to remotely execute arbitrary code, which researchers say could lead to the shutdown of an enterprise network or traffic steering.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/gyBL2LNxW3Y/vmware-patches-vulnerabilities-exploited-chinese-hacking-contest

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Vmware 146 11 222 256 102 591