VMware Flaw: Patch Now as Hackers, Malware Exploit Security Gap

Health IT Security

Jessica Davis

Since its disclosure by VMware just two weeks ago, researchers have observed attackers hunting for unpatched systems and a widespread bot campaign that delivers worming malware, according to a Cisco Talos report and a Cybersecurity and Security Infrastructure Agency alert.

CISA warns of an increased likelihood that attackers are working to exploit the critical remote code execution (RCE) vulnerability in VMware vCenter Server and Cloud Foundation platforms. Many organizations have failed to patch the flaw with the software update provided on May 25.

Ranked at a 9.8 out of 10 for severity, the flaw is found in vCenter Server 6.5, 6.7, and 7.0 -- widely used across the globe. The vulnerability is caused by a lack of validation input within the Virtual SAN Health Check plugin, which is enabled by default in the vCenter Server.

A successful exploit could enable...

Get the Morning Update

Thanks for subscribing!