Security News > 2023 > March > CISA warns of critical VMware RCE flaw exploited in attacks
CISA has added a critical severity vulnerability in VMware's Cloud Foundation to its catalog of security flaws exploited in the wild.
The flaw was found in the XStream open-source library used by vulnerable VMware products and has been assigned an almost maximum severity score of 9.8/10 by VMware.
"Due to an unauthenticated endpoint that leverages XStream for input serialization in VMware Cloud Foundation, a malicious actor can get remote code execution in the context of 'root' on the appliance," VMware explains.
VMware released security updates to address the CVE-2021-39144 flaw reported by Sina Kheirkhah of MDSec and Steven Seeley of Source Incite on October 25th. Because of the severity of the issue, VMware also issued patches for some end-of-life products.
CISA's decision to include the CVE-2021-39144 vulnerability in its Known Exploited Vulnerabilities catalog follows confirmation from VMware that the bug is being exploited in the wild.
With the flaw's addition to the KEV catalog, CISA has ordered U.S. federal agencies to secure their systems against attacks within three weeks, until March 31st, to thwart attacks that might target their networks.
News URL
Related news
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble (source)
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- HPE warns of critical RCE flaws in Aruba Networking access points (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-23 | CVE-2021-39144 | Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |