Let’s get started!
Ready to extend visibility, threat detection and response?
Get a DemoAs part of our ongoing threat intelligence efforts to discover emerging threats and vulnerabilities, the CyOps team would like to bring a new risk to your attention. The threat is associated with five vulnerable default plugins installed in VMWare vCenter Server. This vulnerability can be abused by threat actors to remotely execute arbitrary code.
The vulnerabilities described above are assigned to the following CVEs:
All CVEs mentioned above allow a malicious actor to perform remote code execution on the hosting Operating System without privilege limitations. This can be achieved when an adversary has network access by using port 443 to infiltrate the vCenter Server.
Following VMware’s instructions, below is a summary of a workaround to temporarily prevent exploitation until a patch is released:
Apart from our recommendation to disable the mentioned plugins as described above, you can rest assured that the Cynet CyOps team is constantly monitoring your environment and will update if we observe and detect suspicious behavior or activities.
Search results for:
Request a Quote
Fill out the form below, and we’ll provide you with a quote tailored to your requirements.
Get your practical guide to the
2023 MITRE ATT&CK Evaluation
Become our partner!
Grow your business with Cynet
See Cynet All-in-One in Action
Let’s get started
Ready to extend visibility, threat detection, and response?
See Cynet All-in-One in Action