VMware has patched a critical vulnerability that was found in its vCenter Server VMware utility that could have allowed for remote code execution on a vulnerable server. Positive Technologies discovered the flaw and reported VMware to the bug. In a press release published on Wednesday, the security company explained how the bug could have been exploited to take over unpatched VMware servers and gain access to local network resources. According to the company, the biggest threat to users was hackers who successfully penetrated the security of a network perimeter through web vulnerabilities or previously created backdoors.
Positive Technologies released the results of penetration testing during which it was able to breach the network perimeter and gain access to resources in 93% of companies. The VMware vulnerability was particularly harmful as it could have been abused by any unauthorized user, according to the security firm. This would allow the attacker to move through the corporate network and access data stored in the attacked system, which can include sensitive information.
Read More: VMware patches bug that put many large networks at risk