VMware Warns of Ransomware-Friendly Bug in vCenter Server
VMware has released a security update that includes patches for 19 CVE-numbered vulnerabilities that affect the company's vCenter Server virtualization management platform and its hybrid Cloud Foundation platform for managing VMs and orchestrating containers.
"This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of the configuration settings of vCenter Server," said Bob Plankers, Technical Marketing Architect at VMware.
The security update addresses flaws in vCenter Server 6.5, 6.7, and 7.0.
If a phishing attack has compromised one or more accounts, it means that the attacker "may already be able to reach vCenter Server from inside a corporate firewall, and time is of the essence," VMware stressed.
Other security controls that can help to protect users' networks until they can patch include using network perimeter access controls or the vCenter Server Appliance firewall to curtail access to the vCenter Server management interfaces.
Greg Fitzgerald, co-founder of the cybersecurity firm Sevco Security, noted that vulnerabilities such as this one point to the need to go far beyond patching this vCenter bug.
News URL
https://threatpost.com/vmware-ransomware-bug-vcenter-server/174901/