Security News > 2021 > September > Exploits imminent for critical VMware vCenter CVE-2021-22005 bug
Exploit code that could be used to achieve remote code execution on VMware vCenter Server vulnerable to CVE-2021-22005 is currently spreading online.
Publicly disclosed earlier this week when VMware also addressed it, the bug comes with a critical severity rating of 9.8 and a strong recommendation to install the available patch.
Earlier today, Vietnamese security researcher Jang published technical notes for CVE-2021-22005 based on the workaround and the patch from VMware.
The details are enough for experienced developers to create a working exploit that allows remote code execution with root privileges, the researcher told BleepingComputer.
Currently, there are thousands of vCenter Server instances exposed to the public internet but not all are vulnerable to CVE-2021-22005.
Provided the severity of the flaw, the interest in vulnerable vCenter Server deployments, and the availability of partial PoC exploit code, it is reasonable to assume that attacks leveraging CVE-2021-22005 are likely to start soon.
News URL
Related news
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Critical security hole in Apache Struts under exploit (source)
- Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits (source)
- Adobe warns of critical ColdFusion bug with PoC exploit code (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-23 | CVE-2021-22005 | Path Traversal vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. | 9.8 |