Comment on vulnerabilities in VMware vCenter Server from Tenable

Tenable Vulnerability Management

“At least four proof-of-concept exploit scripts for CVE-2021-21972, a critical remote code execution flaw in VMWare’s vCenter Server solution are currently available. We know that the availability of proof-of-concept code or exploit scripts following the publication of a critical vulnerability is a boon for threat actors.

“While some cybercriminals may be adept at developing their own proof-of-concept exploits, threat actors are keen on leveraging what’s publicly available, as evidenced in the Copy Paste Compromises report from the Australian Cyber Security Centre in June 2020 that arrived at the same conclusion.

“There are confirmed reports that attackers are probing for vulnerable vCenter Server systems. According to a Shodan search, there are over 6,700 publicly accessible vCenter Servers. Coupled with the availability of these exploit scripts, it is all the more imperative for organizations to apply the available patches immediately instead of relying on temporary workarounds.”– Satnam Narang, Staff Research Engineer, Tenable


Related posts

Videonetics and Wasabi Announce Technology Partnership to Enable Cloud-Based Storage of Surveillance Files

SSI Bureau

Build your acumen for the hottest job of the century with an industry-focused MS in AI & ML Ops from NMIMS Global & INSOFE

SSI Bureau

Intel Powers First Satellite with AI on Board

SSI Bureau

Leave a Comment

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

error: Content is protected !!