Security News > 2021 > September > Working Exploit Is Out for VMware vCenter CVE-2021-22005 Flaw

A working exploit for the critical CVE-2021-22005 remote-code execution vulnerability in VMware vCenter is now fully public and is being exploited in the wild.

"This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of the configuration settings of vCenter Server," said Bob Plankers, Technical Marketing Architect at VMware, when VMware announced the vulnerability on Tuesday.

VMware announced CVE-2021-22005 a week ago, on Sept. 21, as part of a security update that included patches for 19 CVE-numbered vulnerabilities that affect the company's vCenter Server virtualization management platform and its hybrid Cloud Foundation platform for managing VMs and orchestrating containers.

VMware urged users to declare an "Emergency change" per ITIL definitions of change types and to patch as soon as possible.

On Friday, the Cybersecurity and Infrastructure Security Agency warned that VMware had confirmed that threat actors were exploiting the bug and that security researchers were reporting mass scanning for vulnerable vCenter servers and publicly available exploit code.

Your top takeaway will be a Linux roadmap to getting the basics right! REGISTER NOW and join the LIVE event on Sept. 29 at Noon EST. Joining Threatpost is Uptycs' Ben Montour and Rishi Kant who will spell out Linux security best practices and take your most pressing questions in real time.

News URL

https://threatpost.com/working-exploit-vmware-vcenter-cve-2021-22005/175059/