[MART] - Daily Diary #426 - VMWare Fixes Critical Vulnerabilities

[CTAS-MAT]

Hello,
I hope everyone is doing well!

Below is the entry for today.

06/01/2021 - Diary entry #426

This week VMWare published patches for Worksation, Fusion and ESXi fixing a critical heap-overflow vulnerability.

The vulnerability, tracked under CVE-2021-22045, received a CVSS score of 7.7. It allows an attacker with access to a virtual machine with CD-ROM device emulation to execute arbitrary code in the hypervisor machine.

In our previous Daily Diaries, we covered several incidents involving attacks on Virtual Machine Hypervisors (like Citrix and VMWare). This incident is critical considering ransomware operations are focusing on exploiting these services during the lateral movement stage. Affecting the hypervisor gives an attacker access to all virtual machines executing under it, highly increasing the attack surface.

We highly recommend all companies using VMWare as a hypervisor to keep their systems up to date, and to disable CD/DVD drivers in the virtual machines when it's not necessary.

Kind Regards,

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/logo@2x.png]<https://www.appgate.com/>

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png]<https://www.linkedin.com/company/appgate-security/>     [https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png] <https://twitter.com/AppgateSecurity>   [https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png] <https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ>



Felipe Duarte Domingues
Security Researcher
Appgate

E: felipe.duarte at appgate.com<mailto:felipe.duarte at appgate.com>
O: +55 19 98840 2509

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/mart/attachments/20220106/24de8253/attachment.htm>