VMware

VMware Aria Operations for Networks Authentication Bypass Vulnerability (CVE-2023-34039)

September 5, 2023

Overview Recently, NSFOCUS CERT detected an Authentication Bypass vulnerability in VMware Aria Operations for Networks. Due to the lack of unique cryptographic key generation, Aria Operations for Networks is susceptible to an authentication bypass vulnerability. Attackers with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations […]

VMware vCenter Server Multiple High Risk Vulnerabilities Notification

June 28, 2023

Overview Recently, NSFOCUS CERT found that VMware’s official security announcement disclosed multiple vulnerabilities in VMware vCenter Server, which could be used by attackers to cause remote code execution, cross-border write and read, etc. Currently, the official version has been updated and fixed. Affected users should take protective measures as soon as possible. Key Vulnerabilities vCenter […]

VMware Aria Operations for Networks Remote Code Execution Vulnerability (CVS 2023-20887) Notification

June 20, 2023

Overview Recently, NSFOCUS CERT detected a remote code execution vulnerability in VMware Aria Operations for Networks. Due to a specific flaw in the createSupportBundle method, the string entered by the user is not properly validated when executing system calls. Unauthenticated remote attackers can exploit this vulnerability through command injection, ultimately enabling the execution of arbitrary […]

VMware Carbon Black App Control Remote Code Execution Vulnerability (CVE-2023-20858) Notification

February 27, 2023

Overview Recently, NSFOCUS CERT found that VMware has officially fixed an App Control injection vulnerability (CVE-2023-20858). Due to flaws in product verification of user-input content, attackers with App Control management console permissions can access the underlying server operating system by entering specially crafted data, and ultimately achieve arbitrary code execution on the target system. The […]

Multiple Security Vulnerabilities Alerts of VMware vRealize Log Insight

February 1, 2023

Overview Recently, NSFOCUS CERT found that VMware has officially fixed multiple security vulnerabilities in VMware vRealize Log Insight. Under default configuration conditions, unauthenticated attackers exploit the following key vulnerabilities in combination, and finally achieve arbitrary code execution with ROOT privileges on the target system. These vulnerabilities have been successfully verified by international security teams, and […]

VMware vCenter Server Multiple High-Risk Vulnerabilities Threat Alert

October 22, 2021

Overview According to NSFOCUS CERT’s monitoring, VMware’s official security advisory, disclosing multiple vulnerabilities in VMware vCenter Server on September 22. Those issues allow attackers to cause information disclosure, privilege promotion and remote code execution. Now VMware has released security updates to fix the vulnerabilities. Affected users are advised to take measures for protection. vCenter Server […]

VMware VCenter Server Remote Code Execution Vulnerability (CVE-2021-21985) Threat Alert

June 4, 2021

Vulnerability Description On May 26, NSFOCUS CERT discovered that VMware released a security advisory that announces mitigation of the VMware vCenter Server remote code execution vulnerability (CVE-2021-21985) and vCenter Server plug-in authentication bypass vulnerability (CVE-2021-21986). The Virtual SAN Check plug-in in vCenter Server lacks input validation, allowing attackers who have accessed vSphere Client (HTML5) through […]

VMware Multiple High-Risk Vulnerabilities

March 1, 2021

Vulnerability Description On February 23, 2021, VMware released a security bulletin to announce the fix of two high-risk vulnerabilities in vSphere Client and ESXi. CVE-2021-21972: vSphere Client (HTML5) contains a remote code execution vulnerability in the vRealize Operations plug-in in vCenter Server, with the CVSSv3 score of 9.8. The affected vRealize Operations plug-in is installed […]

VMware ESXi Remote Code Execution Vulnerability (CVE-2020-3992) Threat Alert

November 13, 2020

Vulnerability Description

On October 21, 2020, NSFOCUS detected that VMware released a security advisory that fixes a VMware ESXi remote code execution vulnerability (CVE-2020-3992). This vulnerability exists because OpenSLP as used in VMware ESXi has a use-after-free issue. An attacker residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution. The vulnerability is assigned a CVSS base score of 9.8. Users should take preventive measures as soon as possible.

Reference link:

https://www.vmware.com/security/advisories/VMSA-2020-0023.html
(more…)

VMware vRealize Operations for Horizon Adapter Remote Code Execution Vulnerability (CVE-2020-3943) Threat Alert

March 13, 2020

Overview

Recently, VMware released a security advisory, announcing remediation of a remote code execution vulnerability (CVE-2020-3943) in vRealize Operations for Horizon Adapter. VMware has evaluated the severity of this vulnerability to be in the critical severity range with a maximum CVSSv3 base score of 9.0. (more…)

Search

Subscribe to the NSFOCUS Blog