Vulnerability related to VMware vCenter, a working exploit for CVE-2021-22005 has been released and is utilized by threat actors, as per experts tracking the problem. Last week, VMware urged its customers to update their systems at the earliest after warning them about a critical vulnerability in the analytics service of vCenter Server.
On Sep 21, 2021VMware released a statement stating vCenter Server is affected due to the upload arbitrary file in the Analytics service. This enabled malicious actors with network access to exploit the vulnerability for executing code on vCenter Servers. By Sep 24, 2021VMware confirmed the report that CVE-2021-22005 was exploited by threat actors in the wild.
To Read More: ZDNet
For more such updates follow us on Google News ITsecuritywire News.