VMware reveals critical hypervisor bugs found at Chinese white hat hacking comp. One lets guests run code on hosts

2020-11-20 04:26

VMware has revealed and repaired the flaws in its hypervisor discovered at China's Tianfu Cup white hat hacking competition.

The bug needs patching in ESXi from version 6.5, VMware's Fusion and Workstation desktop hypervisors from versions 11 and 15 respectively, plus VMware Cloud Foundation from version 3.

Patches are available for the two flaws, with download details available at VMware's security advisory page.

The white hats also took home a $180,000 reward for their troubles - cheap security research for $10.8bn VMware.

The flaws were revealed on November 8th - just 11 days before VMware's disclosure and delivery of fixes.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/11/20/vmware_esxi_flaws/

#chinese #critical #hacking #vmware #whitehat

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Vmware		186	83	403	198	101	785

News URL

Related news

Related vendor