vCenter is experiencing a VMWare vulnerability to the code execution flaw that leaves it open to cyber attack. If you’re an admin responsible for a vCenter machine, you need to apply the latest patch immediately!
VMWare Vulnerability 9.8 Patch
There is currently a code execution flaw in vCenter that is exploitable and allowing cyber criminals to install a web shell.
The severity of this vulnerability is rated as a 9.8 out of 10. It is listed as being under active exploitation.
This vulnerability is tracked as CVE-2021-21985.
A VMware advisory was published last week that states that vCenter machines that are using default configurations have a bug that, in many networks, allows for the execution of malicious code when the machines are on a port that is exposed to the internet.
VMWare Vulnerability is a High Priority
This is a high priority issue that should be addressed immediately.
Researchers attempting to exploit this vulnerability have published their ability to modify and gain remote code execution with as little as a single mouse click.
If white hat researchers are able to manipulate this vulnerability that quickly, then cyber criminals are as well.
Let RHYNO Networks Upgrade Your VMWare
As always, if we can be of help with your network or computer, give us a call here at RHYNO Networks. (855) 749-6648