Attacks exploiting critical VMware vulnerabilities could lead to code execution and DoS attacks



VMware has released patches for critical vulnerabilities affecting its ESXi, Workstation, Cloud Foundation, and Fusion products. These vulnerabilities could allow attackers to execute malicious code on host systems from virtual machines, posing a significant security risk.

One of the critical vulnerabilities is an out-of-bounds read/write issue affecting storage controllers on VMware ESXi, Workstation, and Fusion. This issue could be exploited by a malicious actor with access to a virtual machine to create a denial of service condition or execute code on the hypervisor. Additionally, there is a remote code execution vulnerability in VMware vCenter Server, allowing attackers with administrative privileges to execute arbitrary commands on the underlying operating system.

Another vulnerability in VMware vCenter Server allows a malicious actor with administrative privileges to partially read arbitrary files containing sensitive data. It is recommended that all users install the necessary patches to address these vulnerabilities, with detailed guidance provided on Broadcom’s security advisory page. Organizations should review their security posture and ensure all VMware products are updated to protect against potential exploitation.

For environments where immediate patching is not possible, VMware recommends implementing workarounds such as removing USB controllers from virtual machines. However, these are not considered long-term solutions and may affect functionality. It is crucial to keep security measures up to date and apply patches promptly to mitigate risks. Broadcom’s proactive approach to addressing these vulnerabilities demonstrates its commitment to ensuring the security and integrity of its products and the environments in which they operate.
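
As an added example (not from the article or from VMware/Broadcom), the following sketch audits VM configuration files for virtual USB controllers so that the workaround above can be scoped before a change window. The VMX keys `usb.present`, `ehci.present` and `usb_xhci.present` are assumptions of this example, and the inventory is constructed sample data.

```python
import re

# VMX keys assumed to enable a virtual USB controller (not listed on the page).
USB_CONTROLLER_KEYS = {
    "usb.present": "UHCI (USB 1.1)",
    "ehci.present": "EHCI (USB 2.0)",
    "usb_xhci.present": "xHCI (USB 3.x)",
}
# Matches: key = "value". Lines starting with '#' do not match and are skipped.
_LINE = re.compile(r'^\s*([A-Za-z0-9_.:\-]+)\s*=\s*"(.*)"\s*$')


def parse_vmx(text):
    """Parse key = "value" lines; keys are lower-cased, last assignment wins."""
    settings = {}
    for raw in text.splitlines():
        m = _LINE.match(raw)
        if m:
            settings[m.group(1).lower()] = m.group(2)
    return settings


def usb_controllers(text):
    """Return the sorted labels of USB controllers enabled in one VMX file."""
    settings = parse_vmx(text)
    return sorted(label for key, label in USB_CONTROLLER_KEYS.items()
                  if settings.get(key, "").strip().upper() == "TRUE")


def audit(inventory):
    """Map VM name -> enabled USB controllers, listing only VMs that have any."""
    return {name: found for name, text in inventory.items()
            if (found := usb_controllers(text))}


# Constructed sample inventory (VM name -> VMX file contents).
SAMPLE = {
    "web01": 'displayName = "web01"\nusb.present = "TRUE"\nehci.present = "TRUE"\n',
    "db01": 'displayName = "db01"\nscsi0.present = "TRUE"\nusb.present = "FALSE"\n',
    "build01": 'displayName = "build01"\nUSB_XHCI.present = "true"\n',
    "test01": '# usb.present = "TRUE"\ndisplayName = "test01"\n',
}

if __name__ == "__main__":
    for vm, ctrls in sorted(audit(SAMPLE).items()):
        print(f"{vm}: USB controllers still present: {', '.join(ctrls)}")
```
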


