VMware vCenter Server Vulnerabilities

Released: Jul 22, 2021


High Severity

VMware Vendor


VMware vCenter Server remote code execution and authentication vulnerabilities

VMware’s virtualization management platform, vCenter Server, has a critical severity bug the company is urging customers to patch “as soon as possible” (https://threatpost.com/vmware-ransomware-alarm-critical-bug/166501/). Admins responsible for vCenter machines that have yet to patch CVE-2021-21985 should install the update immediately if possible.

Common Vulnerabilities and Exposures



Background

The vSphere Client (HTML5) contains remote code execution vulnerabilities (CVE-2021-21985, CVE-2021-21986) due to a lack of input validation in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server. VMware has evaluated the severity of this issue to be in the Critical severity range, with a maximum CVSSv3 base score of 9.8. Threat actors are actively scanning for Internet-exposed and unpatched VMware vCenter servers. Security researchers have also developed and published proof-of-concept (PoC) RCE exploit code targeting this critical VMware vCenter bug, tracked as CVE-2021-21985.

Latest Development

Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.


Full details are available from VMware's announcement at https://www.vmware.com/security/advisories/VMSA-2021-0010.html

Nmap script to identify the vulnerability: https://github.com/alt3kx/CVE-2021-21985_PoC/blob/main/CVE-2021-21985.nse


April 27, 2022: Added to CISA, 2021 Top Routinely Exploited Vulnerabilities

FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.


PROTECT
  • Vulnerability

  • IPS

DETECT
  • Outbreak Detection

  • Threat Hunting

RESPOND
  • Assisted Response Services

  • Automated Response

RECOVER
  • NOC/SOC Training

  • End-User Training

IDENTIFY
  • Attack Surface Hardening

Threat Intelligence

Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.