Security News > 2021 > September > Exploits imminent for critical VMware vCenter CVE-2021-22005 bug
Exploit code that could be used to achieve remote code execution on VMware vCenter Server vulnerable to CVE-2021-22005 is currently spreading online.
Publicly disclosed earlier this week when VMware also addressed it, the bug comes with a critical severity rating of 9.8 and a strong recommendation to install the available patch.
Earlier today, Vietnamese security researcher Jang published technical notes for CVE-2021-22005 based on the workaround and the patch from VMware.
The details are enough for experienced developers to create a working exploit that allows remote code execution with root privileges, the researcher told BleepingComputer.
Currently, there are thousands of vCenter Server instances exposed to the public internet but not all are vulnerable to CVE-2021-22005.
Provided the severity of the flaw, the interest in vulnerable vCenter Server deployments, and the availability of partial PoC exploit code, it is reasonable to assume that attacks leveraging CVE-2021-22005 are likely to start soon.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-23 | CVE-2021-22005 | Path Traversal vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. | 9.8 |