#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

vmware | Breaking Cybersecurity News | The Hacker News

Critical Auth Bypass Bug Found in VMware Data Center Security Product

Critical Auth Bypass Bug Found in VMware Data Center Security Product

Apr 07, 2021
A critical vulnerability in the VMware Carbon Black Cloud Workload appliance could be exploited to bypass authentication and take control of vulnerable systems. Tracked as CVE-2021-21982, the flaw is rated 9.1 out of a maximum of 10 in the CVSS scoring system and affects all versions of the product prior to 1.0.1.  Carbon Black Cloud Workload is a data center security product from VMware that aims to protect critical servers and workloads hosted on vSphere, the company's cloud-computing virtualization platform. "A URL on the administrative interface of the VMware Carbon Black Cloud Workload appliance can be manipulated to bypass authentication," VMware  said  in its advisory, thereby allowing an adversary with network access to the interface to gain access to the administration API of the appliance. Armed with the access, a malicious actor can then view and alter  administrative configuration settings , the company added. In addition to releasing a fix for CVE-2021
Critical RCE Flaws Affect VMware ESXi and vSphere Client — Patch Now

Critical RCE Flaws Affect VMware ESXi and vSphere Client — Patch Now

Feb 24, 2021
VMware has addressed multiple critical remote code execution (RCE) vulnerabilities in VMware ESXi and vSphere Client virtual infrastructure management platform that may allow attackers to execute arbitrary commands and take control of affected systems. "A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server," the company  said  in its advisory. The vulnerability, tracked as CVE-2021-21972, has a CVSS score of 9.8 out of a maximum of 10, making it critical in severity. "In our opinion, the RCE vulnerability in the vCenter Server can pose no less a threat than the infamous vulnerability in Citrix (CVE-2019-19781)," said Positive Technologies' Mikhail Klyuchnikov, who discovered and reported the flaw to VMware. "The error allows an unauthorized user to send a specially crafted request, which will later give them the opportunity
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
NSA Warns Russian Hacker Exploiting VMware Bug to Breach Corporate Networks

NSA Warns Russian Hacker Exploiting VMware Bug to Breach Corporate Networks

Dec 08, 2020
The US National Security Agency (NSA) on Monday issued an  advisory  warning that Russian threat actors are leveraging recently disclosed VMware vulnerability to install malware on corporate systems and access protected data. Specifics regarding the identities of the threat actor exploiting the  VMware flaw  or when these attacks started were not disclosed. The development comes two weeks after the virtualization software company publicly disclosed the flaw—affecting VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector products for Windows and Linux—without releasing a patch and three days after releasing a software update to fix it. In late November, VMware pushed  temporary workarounds  to address the issue, stating permanent patches for the flaw were "forthcoming." But it wasn't until December 3rd the escalation-of-privileges bug was entirely resolved. That same day, the US Cybersecurity and Infrastructure Security Agenc
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Critical Unpatched VMware Flaw Affects Multiple Corporates Products

Critical Unpatched VMware Flaw Affects Multiple Corporates Products

Nov 24, 2020
VMware has released temporary workarounds to address a critical vulnerability in its products that could be exploited by an attacker to take control of an affected system. "A malicious actor with network access to the administrative configurator on port 8443 and a valid password for the configurator admin account can execute commands with unrestricted privileges on the underlying operating system," the virtualization software and services firm noted in its  advisory . Tracked as CVE-2020-4006, the  command injection  vulnerability has a CVSS score of 9.1 out of 10 and impacts VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. While the company said patches for the flaw are "forthcoming," it didn't specify an exact date by when it's expected to be released. It's unclear if the vulnerability is under active attack. The complete list of products affected are as follows: VMware Workspace One Access (versi
Record-Breaking Deal: Dell to Buy EMC for $67 Billion

Record-Breaking Deal: Dell to Buy EMC for $67 Billion

Oct 12, 2015
Yes, Dell is going to acquire data storage company EMC in a deal worth $67 BILLLLLLION – the largest tech deal of all time. It's record-breaking... Computing giant Dell on Monday finally confirmed that the company is indeed going to purchase the company for creating what it calls " the world's largest privately-controlled, integrated technology company. " Most of you might not have heard of EMC corporation, but it is a tech titan that operates many of the services you use nowadays. EMC offers data center storage and data processing for big technology companies, and now it is been acquired by Dell. " The combination of Dell and EMC creates an enterprise solutions powerhouse bringing our customers industry leading innovation across their entire technology environment, " Michael Dell, CEO and chairman of Dell, said in a statement . The acquisition will benefit Dell to create a new company that will sell a broad range of both consumer as well as
VMware View critical directory traversal vulnerability

VMware View critical directory traversal vulnerability

Dec 20, 2012
(DDI) Vulnerability Research Team (VRT) for reported a critical vulnerability in VMware View Server , that  is a directory traversal vulnerability that allows an unauthenticated remote attacker to retrieve arbitrary files from affected View Servers. Exploitation of this issue may expose sensitive information stored on the server. VMware has issued a patch for its VMware View product. It is listed as ' VMSA-2012-0017 ' in security advisory. This vulnerability affects both the View Connection Server and the View Security Server; VMware recommends that customers immediately update both servers to a fixed version of View. The Common Vulnerabilities and Exposures project has assigned the name CVE-2012-5978 to this issue. VMware's update to VMware View is available for free to license holders of the product and can be downloaded here . Disabling the Security Server will prevent exploitation of this vulnerability over untrusted remote networks or It may be p
Anonymous leaks VMware ESX Server Kernel source code

Anonymous leaks VMware ESX Server Kernel source code

Nov 04, 2012
Anonymous group member "Stun" announce the leak of VMware ESX Server Kernel source code via twitter today. The tweet reads,  " WILD LEAKY LEAK. FULL VMware ESX Server Kernel LEAKED LINK #Anonymous #AntiSec ". VMware ESX is an enterprise-level computer virtualization product offered by VMware. The reason behind this wild leak by anonymous is that, Vmware continue producing on same level again and again which is not a good practice for better Security. " Bullshitting people and selling crap. But it's time for Anonymous finally to deliver. Ofc VMware will try to make like this Kernel is old and isn't used in its recent products. But thanks god, there is still such as thing as reverse engineering that will prove it's true destiny. " Hacker said. A 1.89 MB uploaded on torrent and titled "VMware ESX Server Kernel LEAKED". I have download the archive and file inside archive as shown above. Dump seems to be produced by revers
Cybersecurity Resources