Unpatched VMware vCenter Software

Read Time39 Second

Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

06/04/2021 06:02 PM EDT
Original release date: June 4, 2021
CISA is aware of the likelihood that cyber threat actors are attempting to exploit CVE-2021-21985, a remote code execution vulnerability in VMware vCenter Server and VMware Cloud Foundation. Although patches were made available on May 25, 2021, unpatched systems remain an attractive target and attackers can exploit this vulnerability to take control of an unpatched system.

CISA encourages users and administrators to review VMware’s VMSA-2021-010blogpost, and FAQ for more information about the vulnerability and apply the necessary updates as soon as possible, even if out-of-cycle work is required. If an organization cannot immediately apply the updates, then apply the workarounds in the interim.

About Post Author

Robert Williams

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: