VMware Vulnerability May 2021

VMware vCentre has suffered a major comprise. In response to questions about the attack and the urgency of action, Company representatives at VMware replied, “ Immediate response is needed as the  ramifications of this vulnerability are serious.”

VMware issued an advisory that vCenter machines using default configurations have a bug that, in many networks, allows for the execution of malicious code when the machines are reachable on a port that is exposed to the Internet. The vulnerability is tracked as CVE-2021-21985 and has a severity score of 9.8 out of 10.

“The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server,” Tuesday’s advisory stated.

To find out more about the action, you may need to take, visit.

https://www.vmware.com/security/advisories/VMSA-2021-0010.html

Need Help or Advice?

If you are concerned about the updates or the integrity of your systems, please reach out to us, and we will be happy to see if we can help further. You can reach our team on 0333 344 8971 or by emailing info@cways.co.uk

We hope you stay safe and protected.