Total Tests:

Critical VMware vSphere Vulnerability Is a Must-Patch

By Maria Korolov for Data Center Knowledge
Friday, February 26, 2021

VMware this week fixed two critical vulnerabilities in jts vCenter Server, used by data centers to manage the VMware vSphere server virtualization platform.

"This vulnerability is critical," said Ilia Kolochenko, CEO at ImmuniWeb, a cybersecurty vendor. "It's really the highest possible risk we have, and exploitation is very simple. A remote non-authenticated actor can just send several HTTP requests and get full control over everything. So it's very high risk."

There is one bright side to this vulnerability, however, that is likely to reduce the amount of damage that attackers can do.

And that is because those organizations that have these systems exposed to the public probably have much bigger problems as well, said ImmuniWeb's Kolochenko.

"These types of systems are not supposed to be publicly accessible," he said. "Organizations that have these systems accessible to anyone on the internet – well, I wouldn't say that they're all grossly negligent, but I would say that they have other challenges and problems and are probably already compromised."

There might be some organizations that are unable to install security patches immediately, "maybe in about 5 percent of use cases," he said.

"In a hospital, for example, you might have a critical system that is maintaining care for patients who require emergency treatment. Sometimes when you install a patch you might crash everything. But I would say that otherwise, in the vast majority of cases – in 95 percent of cases – you should patch as soon as possible."

In those other 5 percent of cases companies should limit access to the vulnerable system.

He also recommends that companies proactively monitor and try to minimize their external attack surface, since more of these types of vulnerabilities are likely to emerge.

"I'm very confident that we still have more undisclosed or undiscovered vulnerabilities," he said. "There are probably people reverse engineering systems, searching for security flaws."

Reducing access by external users or from untrusted internal machines would help mitigate against 99 percent of possible exploitation, he said. Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential