VMware Warns of Critical Remote Code Execution Vulnerability In vSphere HTML5 Client

VMware has disclosed a critical bug in a vCenter Server plugin. The plugin is part of the vSphere HTML5 Client, and the bug is a remote code execution vulnerability. It is rated CVSS 9.8, which places it in the critical severity range.

VMware has also disclosed two other vulnerabilities. The first, rated 8.8, affects its ESXi and Cloud Foundation (ESXi) products. The second, rated 5.3, affects its vCenter Server and Cloud Foundation (vCenter Server) products. VMware has addressed all of the vulnerabilities that impacted its products.

vCenter Server Critical RCE Vulnerability

CVE-2021-21972 enables a remote attacker to execute arbitrary code on the target system. It exists in the vSphere Client because of insufficient validation of user-supplied input. An unauthorized user can run arbitrary code on the system by sending a crafted HTTP request to TCP port 443.

vSphere Client SSRF Vulnerability

CVE-2021-21973 is a Server-Side Request Forgery (SSRF) flaw in the vSphere Client. It exists because of inadequate validation of URLs in a vCenter Server plugin.

An attacker with network access to port 443 can exploit the issue by sending a POST request to the vCenter Server plugin. This can lead to information disclosure.

ESXi OpenSLP Heap-Overflow Vulnerability

CVE-2021-21974 is a heap overflow vulnerability in the ESXi hypervisor. It can result in remote code execution when an attacker triggers the heap overflow in OpenSLP, an open-source implementation of the IETF Service Location Protocol. Exploitation requires an attacker who has access to port 427 and resides within the same network segment as ESXi.

Conclusion

VMware has strongly encouraged organizations to assess their network infrastructure and identify vulnerable systems. After that, review the VMSA-2021-0002 advisory published by VMware and apply the required updates.

You can contact us any time if you learn that adversaries have gotten hold of your data. Tackling data breaches immediately is more important than people realize, since credibility is at stake.

References

VMSA-2021-0002 Advisory

Critical Vulnerabilities in VMware products

Warning of VMware since it caught critical vulnerabilities in its products

Fixes of VMware of its critical RCE flaws