Author: Melodie Foster
Date: 26th May 2021
A critical vulnerability has been found in VMware’s vCenter Server that could lead to an attacker being able to execute arbitrary code on the server.
The flaw has been given a CVSS score of 9.8 out of 10, making it critical. It stems from a lack of input validation in a plugin that is enabled by default. VMware said in its advisory about the vulnerability, “a malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.”
The patch also includes a fix for a medium-severity vulnerability whereby an attacker could carry out actions permitted by certain plugins without any authentication. VMware recommends that clients whose vCenter Servers sit on networks accessible from the internet audit their systems for compromise.
The vulnerable versions are vCenter Server 6.5, 6.7, and 7.0, and users are urged to update their software.