India issues alerts about vulnerabilities in VMware products

The Indian Computer Emergency Response Team (CERT-In) has issued alerts about vulnerabilities in the products of VMware.
VMware at Mobile World Congress
CERT-In found bugs in VMware ESXi and Cloud Foundation, which could be exploited by an attacker to gain access to sensitive information.

These vulnerabilities exist in VMware ESXi and Cloud Foundation due to the Intel and AMD processors it utilises. An attacker with administrative access to a virtual machine could exploit these vulnerabilities by taking advantage of various side-channel CPU flaws, the cyber agency warned.

Exploitation of vulnerabilities could allow an attacker to gain access to sensitive information stored in physical memory about the hypervisor or other virtual machines that reside on the same ESXi host.

The other Branch Type Confusion vulnerability can help attacker with administrative access to a virtual machine take advantage of various side-channel CPU flaws.

The cyber agency has suggested users to apply appropriate updates as provided by the company.

CERT-In reported fresh bugs in Adobe Photoshop and Acrobat that could allow an attacker to execute arbitrary code and obtain sensitive information on the targeted system.