Critical remote code execution flaw in thousands of VMware vCenter servers remains unpatched
Thousands of internet-facing VMware vCenter servers are still affected by critical vulnerabilities even though patches have been available for weeks, researchers warn. The vulnerabilities affect vCenter Server, VMware's centralized management utility for vSphere environments. VMware released patches for the two critical bugs on May 25, but many administrators have not yet applied them, leaving exposed servers at heightened risk.
The first flaw lies in the vSAN plugin and affects vCenter Server and VMware Cloud Foundation. An attacker with network access to port 443 can exploit it to achieve remote code execution; VMware stated that successful exploitation gives the attacker access to the underlying operating system that hosts vCenter Server. The second vulnerability affects the authentication mechanism the vSphere Client uses for a series of plugins. Because the RCE bug needs nothing more than a connection to port 443, a vCenter management interface should never be reachable from the internet; until the patch is applied, restricting who can reach port 443 is the main compensating control.
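The practical question for anyone who has not yet patched is whether untrusted sources have already been talking to the vSAN plugin over port 443. The following is an added triage example, not code from the article or from VMware: it parses web-server access-log lines, keeps only requests to the vSAN plugin path, and reports those from addresses outside the trusted management networks, noting whether the plugin actually answered with a 2xx status. The plugin path prefix `/ui/h5-vsan/`, the trusted network ranges and the Apache combined-log line format are assumptions; the sample log lines are constructed. Check the format against the access logs on your own vCenter appliance before relying on the regex.

```python
import ipaddress
import re
from dataclasses import dataclass
from typing import Dict, List

# Path prefix of the vSAN health plugin inside the vSphere Client.
# Assumption: adjust if your vCenter's UI logs show a different prefix.
VSAN_PLUGIN_PREFIX = "/ui/h5-vsan/"

# Networks from which vCenter administration is expected (constructed values).
TRUSTED_NETS = [
    ipaddress.ip_network("10.10.0.0/16"),
    ipaddress.ip_network("192.168.100.0/24"),
]

# Constructed sample lines in Apache combined-log style. The real vSphere UI
# access-log format may differ (assumption); adapt LOG_RE to match your files.
SAMPLE_LOG = """\
10.10.5.21 - - [01/Jun/2021:09:14:02 +0000] "GET /ui/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
10.10.5.21 - - [01/Jun/2021:09:14:07 +0000] "POST /ui/h5-vsan/rest/health HTTP/1.1" 200 233 "-" "Mozilla/5.0"
203.0.113.77 - - [01/Jun/2021:09:20:41 +0000] "POST /ui/h5-vsan/rest/health HTTP/1.1" 200 233 "-" "python-requests/2.25.1"
203.0.113.77 - - [01/Jun/2021:09:20:42 +0000] "GET /ui/login HTTP/1.1" 302 0 "-" "python-requests/2.25.1"
198.51.100.9 - - [01/Jun/2021:09:31:10 +0000] "POST /ui/h5-vsan/rest/health HTTP/1.1" 500 0 "-" "curl/7.68.0"
this line is truncated and must not crash the parser
"""

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<ua>[^"]*)"$'
)


@dataclass
class Finding:
    src: str
    ts: str
    method: str
    path: str
    status: int
    user_agent: str


def is_trusted(src: str) -> bool:
    """True if the source address falls inside a trusted management network."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # hostnames or garbage never count as trusted
    return any(addr in net for net in TRUSTED_NETS)


def untrusted_plugin_requests(log_text: str) -> List[Finding]:
    """Return every vSAN-plugin request that came from outside TRUSTED_NETS."""
    findings: List[Finding] = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip unparseable lines instead of aborting on a partial log
        if not m["path"].startswith(VSAN_PLUGIN_PREFIX):
            continue
        if is_trusted(m["src"]):
            continue
        findings.append(
            Finding(m["src"], m["ts"], m["method"], m["path"], int(m["status"]), m["ua"])
        )
    return findings


def summarize(findings: List[Finding]) -> Dict[str, Dict[str, int]]:
    """Per source: how many plugin requests, and how many the plugin actually served (2xx)."""
    summary: Dict[str, Dict[str, int]] = {}
    for f in findings:
        entry = summary.setdefault(f.src, {"requests": 0, "served": 0})
        entry["requests"] += 1
        if 200 <= f.status < 300:
            entry["served"] += 1
    return summary


if __name__ == "__main__":
    for src, counts in summarize(untrusted_plugin_requests(SAMPLE_LOG)).items():
        print(f"{src}: {counts['requests']} plugin request(s), {counts['served']} served with 2xx")
```

A source outside the trusted ranges that gets 2xx answers from the plugin path is the case to escalate: the plugin was reachable and responsive to it before the patch went in. A request that fails to parse is skipped rather than treated as benign, so a log with a non-standard format will silently produce no findings; confirm the regex matches a known-good line first.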