Critical remote code execution bug found in VMware vCenter

By

Patches available for no-authentication vulnerability with proof-of-concept.

Administrators are advised to patch their VMware servers as soon as possible, after a proof of concept for a critical remote code execution (RCE) vulnerability that requires no authentication to exploit was released.

Critical remote code execution bug found in VMware vCenter

Positive Technologies security researcher Mikhail Klyuchnikov reported the RCE vulnerability  to VMware in October last year, but kept details of the flaw under wraps.

However, a Chinese security vendor, Noah Lab, published a proof of concept for vCenter RCE today.

Mass scans for the vulnerability are currently taking place, security vendor Bad Packets said.

Klyuchnikov said the RCE vulnerability is due to attackers being able to upload unauthorised files such as Java Server Pages scripts to VMware servers, enabling the execution of arbitrary commands with elevated privileges.

As a result, "a malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server," VMware said in its security advisory this week.

VMware has released patches for the RCE which is rated as critical with a 9.8 out of 10 score.

A second RCE vulnerability in the OpenSLP (Server Location Protocol), rated as important with a score of 8.8, was also patched by VMware, along with five bugs deemed moderately severe.

VMware said its ESXi, the vSphere Client for Center Server and Cloud Foundation products are vulnerable to the above flaws.

A scan of the internet by iTnews using the Shodan search engine found 112 potentially vulnerable vCenter systems in Australia, and 13 in New Zealand.

Around the world, Shodan found 6575 systems, most of them being located on United States networks.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
securityvcentervmwarevsphere

Sponsored Whitepapers

Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Protect APIs. Protect Your Business.
Protect APIs. Protect Your Business.
KnowBe4 Benchmark Report: Reducing Human Risk & Phishing Vulnerability in ANZ
KnowBe4 Benchmark Report: Reducing Human Risk & Phishing Vulnerability in ANZ
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt

Events

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack
Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"
International Criminal Court hit by cyber attack

International Criminal Court hit by cyber attack
Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?