Security News > 2021 > September > Hackers exploiting critical VMware vCenter CVE-2021-22005 bug

Hackers exploiting critical VMware vCenter CVE-2021-22005 bug
2021-09-24 18:04

Exploit code that could be used for remote code execution on VMware vCenter Server vulnerable to CVE-2021-22005 has been released today and attackers are already using it.

Publicly disclosed earlier this week when VMware also addressed it, the bug comes with a critical severity rating of 9.8 and a strong recommendation to install the available patch.

Signs of these attacks coming were seen shortly after VMware disclosed the security issue and released a patch.

Jang published technical notes for CVE-2021-22005 based on the workaround and the patch from VMware.

Currently, search engines for internet-connected devices show thousands of VMware vCenter Server instances exposed to the public internet.

Update : Shortly after publishing, BleepingComputer learned that hackers have started to exploit CVE-2021-22005 using code released by security researcher Jang.


News URL

https://www.bleepingcomputer.com/news/security/hackers-exploiting-critical-vmware-vcenter-cve-2021-22005-bug/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-09-23 CVE-2021-22005 Path Traversal vulnerability in VMWare Cloud Foundation and Vcenter Server
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service.
network
low complexity
vmware CWE-22
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Vmware 186 85 404 200 101 790