A new severe arbitrary file upload vulnerability in VMware vCenter Server, identified as CVE-2021-22005, needs immediate patching.
Located in the VMware Analytics service, the flaw affects all appliances running default 6.5, 6.7 and 7.0 installations. It is one of several security flaws covered by the VMSA-2021-0020 advisory, but appears to be the most dangerous and urgent of them.
CVE-2021-22005
How urgent is the vulnerability? “These updates fix a critical security vulnerability, and your response needs to be considered at once,” said Bob Plankers, VMware’s Technical Marketing Architect.
The vulnerability's severity stems from the fact that anyone who can reach vCenter Server over the network can abuse the issue to gain access, regardless of vCenter Server's configuration settings.
“In this era of ransomware it is safest to assume that an attacker is already inside your network somewhere, on a desktop and perhaps even in control of a user account, which is why we strongly recommend declaring an emergency change and patching as soon as possible,” Plankers added.
In fact, two vulnerabilities in the VMware ESXi product were recently used in attacks by at least one prominent ransomware gang.
Furthermore, CVE-2021-22005 can be exploited to execute commands and executables on the vCenter Server Appliance. The issue is so severe that working exploits are likely to appear within minutes of disclosure.
Other Recent VMware Flaws with Critical Status
In June 2021, another critical issue was addressed in VMware's Carbon Black App Control management server. Rated 9.4 on the CVSS scale, the severe flaw could grant threat actors admin rights without any authentication.
CVE-2021-21985 is another critical vulnerability in VMware vCenter that needed to be patched immediately. The vulnerability was rated with a CVSS score of 9.8 out of 10, and could enable a malicious actor to execute arbitrary code on a targeted server.