Critical remote code execution bug found in VMware vCenter

25 February 2021

Patches available for no-authentication vulnerability with proof-of-concept.

Administrators are advised to patch their VMware servers as soon as possible, after a proof of concept for a critical remote code execution (RCE) vulnerability that requires no authentication to exploit was released.

Positive Technologies security researcher Mikhail Klyuchnikov reported the RCE vulnerability to VMware in October last year, but kept details of the flaw under wraps.

However, a Chinese security vendor, Noah Lab, published a proof of concept for vCenter RCE today.

Mass scans for the vulnerability are currently taking place, security vendor Bad Packets said.

Klyuchnikov said the RCE vulnerability is due to attackers being able to upload unauthorised files such as Java Server Pages scripts to VMware servers, enabling the execution of arbitrary commands with elevated privileges.

As a result, "a malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server," VMware said in its security advisory this week.
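The two paragraphs above describe the mechanism: an unauthenticated client reaches port 443, uploads a JavaServer Pages script into the server's web content, and the script then runs commands with the privileges of the vCenter process. A detective control that follows directly from that description is to compare the web root against a known-good manifest and alert on JSP files the deployment never shipped. The script below is an added example, not code from the iTnews article, VMware or Positive Technologies; the `webapps/ui` directory layout and the file names in `demo()` are constructed for the demonstration and are not real vCenter paths.

```python
"""Added example (not from the article or VMware): flag JavaServer Pages files in a
web application directory that are not on a known-good manifest, or whose
content has changed since the manifest was taken. The directory layout and file
names used in demo() are constructed for this demonstration."""
import hashlib
import tempfile
from pathlib import Path
from typing import Dict, List


def sha256_of(path: Path) -> str:
    """Hex SHA-256 of a file, read in chunks so large files are handled."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> Dict[str, str]:
    """Record every .jsp file under root with its hash, keyed by path relative
    to root. Take this once from a freshly patched, known-good install."""
    return {
        p.relative_to(root).as_posix(): sha256_of(p)
        for p in root.rglob("*.jsp")
        if p.is_file()
    }


def find_unexpected_jsp(root: Path, manifest: Dict[str, str]) -> List[dict]:
    """Compare the current tree against the manifest and report JSP files that
    are new (absent from the manifest) or modified (hash differs). Each finding
    carries a reason so it can be forwarded to an alerting pipeline."""
    findings = []
    for p in sorted(root.rglob("*.jsp")):
        if not p.is_file():
            continue
        rel = p.relative_to(root).as_posix()
        digest = sha256_of(p)
        if rel not in manifest:
            findings.append({"path": rel, "reason": "new"})
        elif manifest[rel] != digest:
            findings.append({"path": rel, "reason": "modified"})
    return findings


def demo() -> List[dict]:
    """Constructed scenario: a web root with one legitimate page; after the
    manifest is taken, an unexpected JSP appears and the shipped page is altered."""
    with tempfile.TemporaryDirectory() as tmp:
        # Assumed web root for the demonstration, not a real vCenter path.
        root = Path(tmp) / "webapps"
        (root / "ui").mkdir(parents=True)
        (root / "ui" / "index.jsp").write_text("<%-- shipped page --%>\n")
        manifest = build_manifest(root)

        # Constructed changes: a JSP the deployment never shipped, and a shipped
        # page whose content no longer matches the manifest.
        (root / "ui" / "help.jsp").write_text("<%-- constructed: not in manifest --%>\n")
        (root / "ui" / "index.jsp").write_text("<%-- constructed: altered --%>\n")

        return find_unexpected_jsp(root, manifest)


if __name__ == "__main__":
    for finding in demo():
        print(f"{finding['reason']:9s} {finding['path']}")
```

In practice the manifest is taken after applying VMware's patch and stored off the host, and the check runs on a schedule or from a file-integrity monitoring agent; a finding with reason `new` is the signal the article's description implies, since a legitimately patched install does not gain JSP files between runs.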

VMware has released patches for the RCE, which is rated as critical with a 9.8 out of 10 score.

A second RCE vulnerability in the OpenSLP (Server Location Protocol), rated as important with a score of 8.8, was also patched by VMware, along with five bugs deemed moderately severe.

VMware said its ESXi, the vSphere Client for vCenter Server and Cloud Foundation products are vulnerable to the above flaws.

A scan of the internet by iTnews using the Shodan search engine found 112 potentially vulnerable vCenter systems in Australia, and 13 in New Zealand.

Around the world, Shodan found 6575 systems, most of them being located on United States networks.

Copyright © iTnews.com.au . All rights reserved.