VMware Sounds Ransomware Alarm Over Critical Severity Bug (Security News, May 2021)
VMware's virtualization management platform, vCenter Server, has a critical severity bug the company is urging customers to patch "As soon as possible".
VMware patched a critical bug impacting its vCenter Server platform with a severity rating of 9.8 out of 10.
VMware went a step further on Tuesday, calling on IT security teams - already on high alert over an uptick in costly and destructive ransomware attacks - to patch systems fast.
Gamblin is referring to both the critical CVE-2021-21985 bug and a second vulnerability reported by VMware on Tuesday, CVE-2021-21986.
"The vSphere Client contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server," VMware's security bulletin states for the critical bug.
VMware credited the researcher identified only as "Ricter Z" of 360 Noah Lab for finding the bug.
News URL
https://threatpost.com/vmware-ransomware-alarm-critical-bug/166501/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK (CVSS score out of 10)
---|---|---|---
2021-05-26 | CVE-2021-21986 | Missing Authentication for Critical Function vulnerability in VMware vCenter Server 6.5/6.7/7.0: the vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. | 9.8
2021-05-26 | CVE-2021-21985 | Improper Input Validation vulnerability in VMware vCenter Server 6.5/6.7/7.0: the vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server. | 9.8