Author: Melodie Foster

Date: 26th May 2021

A critical vulnerability has been found in VMware’s vCenter Server that could lead to an attacker being able to execute arbitrary code on the server.

The flaw has been given a CVSS score of 9.8 out of 10 making it critical. It stems from a lack of input validation in a plugin which is enabled by default. VMware said in its advisory about the vulnerability, “a malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.”

The patch also includes a fix for a medium-severity vulnerability whereby an attacker could carry out actions permitted by certain plug-ins without any authentication. VMware recommends for clients that have their vCentre Servers on networks that are accessible from the internet to audit their systems for compromise.

The vulnerable versions include vCenter Server versions 6.5, 6.7, and 7.0 and users are urged to update their software.[1]

[1] https://thehackernews.com/2021/05/critical-rce-vulnerability-found-in.html

Other resources

Cyber success stories

Arcturus cybersecurity consultants work with everyone from public sector bodies and global businesses to SMEs and start-ups. Read our success stories here.
Find out more >

What can Arcturus do for you?

Check out our factsheets for detailed information on the matrix of cybersecurity products and services we offer to protect your business.
Find out more >

Arcturus deep dives

Arcturus cybersecurity consultants explore issues in cyber threat intelligence, incident planning and data security. Read our whitepapers to help make decisions that benefit your business.
Find out more >