infotechlead

VMware server customers can face cyber attack

Cyber security researchers have discovered that over 6,700 servers of VMware are currently exposed online and are connected to the internet and vulnerable to new bugs by hackers.
VMware servers
The exposed servers can let hackers slip malware into unpatched devices and take over companies’ entire networks, reports ZDNet.

“We’ve detected mass scanning activity targeting vulnerable VMware vCenter servers,” threat intelligence firm Bad Packets said in a tweet late on Wednesday.

A Chinese security researcher has published a proof-of-concept code on their blog for vulnerability in VMware servers billed as CVE-2021-21972.

This vulnerability impacts vSphere Client (HTML5), a plugin of VMware vCenter, a type of server usually deployed inside large enterprise networks.

It is a centralised management utility through which IT personnel manage VMware products installed on local workstations.

Another cyber security firm PT Swarm tweeted: “VMware fixed an Unauth RCE in vCenter (CVE-2021-21972) found by our researcher Mikhail Klyuchnikov.

The issue has been classified as highly critical and privately reported to VMware, which has released official patches, the report noted.

The exploit for this bug is also a one-line cURL request, which makes it easy even for low-skilled threat actors to automate attacks.

More than 6,700 VMware vCenter servers are connected to the internet and are now vulnerable to takeover attacks if administrators failed to apply the CVE-2021-21972 patches.

VMware has urged customers to update their systems as soon as possible.

Latest

More like this
Related

Beware of cybersecurity scams during summer holidays: Check Point warns of travel-related phishing surge

With the summer vacation season in full swing, cybercriminals...

Microsoft offers free AI-powered cybersecurity program to European governments

Microsoft has launched a new cybersecurity initiative aimed at...

Hackers exploit modified Salesforce tool to breach corporate networks and steal data

Cybercriminals are weaponizing a modified version of Salesforce’s Data...

CrowdStrike Q1 revenue jumps 20% on enterprise wins, Falcon Flex surge, and AI innovation

CrowdStrike has reported 20 percent increase in its first-quarter...