Security News > 2021 > May > VMware Sounds Ransomware Alarm Over Critical Severity Bug
VMware's virtualization management platform, vCenter Server, has a critical severity bug the company is urging customers to patch "As soon as possible".
VMware patched a critical bug impacting its vCenter Server platform with a severity rating of 9.8 out of 10.
VMware went a step further on Tuesday, calling on IT security teams - already on high alert over an uptick in costly and destructive ransomware attacks - to patch systems fast.
Gamblin is referring to both the critical CVE-2021-21985 bug and a second vulnerability reported by VMware on Tuesday, CVE-2021-21986.
"The vSphere Client contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server," VMware's security bulletin states for the critical bug.
VMware credited the researcher identified only as "Ricter Z" of 360 Noah Lab for finding the bug.
News URL
https://threatpost.com/vmware-ransomware-alarm-critical-bug/166501/
Related news
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Ransomware batters critical industries, but takedowns hint at relief (source)
- BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave (source)
- Cicada3301 ransomware’s Linux encryptor targets VMware ESXi systems (source)
- Linux version of new Cicada ransomware targets VMware ESXi servers (source)
- RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors (source)
- VMware ESXi Servers Targeted by New Ransomware Variant from Cicada3301 Group (source)
- Ransomware attacks escalate as critical sectors struggle to keep up (source)
- Critical SonicWall SSLVPN bug exploited in ransomware attacks (source)
- Broadcom fixes critical RCE bug in VMware vCenter Server (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-26 | CVE-2021-21986 | Missing Authentication for Critical Function vulnerability in VMWare Vcenter Server 6.5/6.7/7.0 The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. | 10.0 |
| 2021-05-26 | CVE-2021-21985 | Improper Input Validation vulnerability in VMWare Vcenter Server 6.5/6.7/7.0 The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. | 10.0 |