VMWare vCenter Server contains an RCE-vulnerability in the Analytics service. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
Patches and Workarounds are available.
A public POC was available within 12hrs, and mass-scanning and exploitation already happened within 24hrs after publication.
References
- VMWare Advisory
- Tenable Blog
- 2021-09-24 active exploitation confirmed
- 2021-09-22 Scanning and MassExploitation
more on POCs
- tw.wuuu: Technical details on VMware vCenter Server CVE-2021-22005
- censys: VMware CVE-2021-22005 Technical & Impact analysis
- pocsuite
Fragen? Kontakt: info@zero.bs