Broadcom addressed a critical vulnerability in the VMware vCenter Server that could allow remote attackers to achieve code execution. Broadcom released security updates to address a critical vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), in VMware vCenter Server that could lead to remote code execution. vCenter Server is a critical component in VMware virtualization and […]
VMware addressed a high-severity privilege escalation flaw, tracked as CVE-2021-22048, in vCenter Server IWA mechanism. VMware addressed a high-severity privilege escalation flaw, tracked as CVE-2021-22048 (CVSSv3 base score of 7.1.), in vCenter Server ‘s IWA (Integrated Windows Authentication) mechanism after eight months since its disclosure. The vulnerability can be exploited by an attacker with non-administrative […]
An exploit for the recently disclosed CVE-2021-22005 vulnerability in VMware vCenter was publicly released, threat actors are already using it. A working exploit for the CVE-2021-22005 vulnerability in VMware vCenter is publicly available, and attackers are already attempting to use it in the wild. VMware recently addressed the critical arbitrary file upload vulnerability CVE-2021-22005, it […]
Immediately after the public release of the exploit code for the VMware vCenter CVE-2021-22005 flaw threat actors started using it. Researchers warn that immediately after the release of the exploit code for the recently addressed CVE-2021-22005 flaw in VMware vCenter threat actors started using it. The CVE-2021-22005 issue is a critical arbitrary file upload vulnerability […]
A Chinese security researcher published a PoC code for the CVE-2021-21972 vulnerability in VMware Center, thousands of vulnerable servers are exposed online. A Chinese security researcher published the Proof-of-concept exploit code for the CVE-2021-21972 RCE vulnerability affecting VMware vCenter servers. vCenter Server is the centralized management utility for VMware, and is used to manage virtual machines, multiple ESXi […]
VMware has addressed a critical information disclosure vulnerability related to the Directory Service that can be exploited to compromise vCenter Server. VMware has addressed a critical information disclosure flaw, tracked as CVE-2020-3952, that could be exploited by attackers to compromise vCenter Server or other services that use the Directory Service (vmdir) for authentication. The CVE-2020-3952 […]