Multiple High-Risk Vulnerabilities in VMware Products
24 February 2021
VMware has released security updates to address several vulnerabilities in VMware vCenter Server and VMware ESXi. These vulnerabilities, which are present in all default installations, are:
CVE-2021-21972: a remote code execution vulnerability in a vCenter Server plugin that allows an attacker with network access to port 443 to execute commands with unrestricted privileges on the affected systems. This vulnerability has a CVSSv3 base score of 9.8.
CVE-2021-21974: a heap-overflow vulnerability in OpenSLP used within ESXi that allows an attacker residing within the same network segment who has access to port 427 to perform remote code execution. This vulnerability has a CVSSv3 base score of 8.8.
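The ESXi flaw above is reachable only while the OpenSLP service listens on port 427, and VMware's documented workaround for CVE-2021-21974 is to stop the slpd service and disable its CIMSLP firewall ruleset. The following audit script is an added example written for this page, not code from VMware or from the advisory; it reports whether a host still has SLP exposed by reading the output of two ESXi commands (`esxcli network firewall ruleset list -r CIMSLP` and `chkconfig --list slpd`). The output formats it parses are assumed from typical ESXi 6.7/7.0 hosts, and when run off an ESXi host it falls back to constructed sample output so it can be exercised anywhere.

```shell
#!/bin/sh
# Added example (not from the VMware advisory): decide whether an ESXi host still
# exposes OpenSLP (TCP/UDP 427), the service CVE-2021-21974 is reached through.
# "Exposed" means both the CIMSLP firewall ruleset is enabled and slpd is set to
# start; "mitigated" means both are off; anything else is partial or unknown.

# slp_ruleset_enabled RULESET_OUTPUT -> prints true / false / unknown
# Assumed format of `esxcli network firewall ruleset list -r CIMSLP`:
#   Name    Enabled
#   ------  -------
#   CIMSLP  true
slp_ruleset_enabled() {
    printf '%s\n' "$1" | awk '
        $1 == "CIMSLP" { print tolower($2); found = 1 }
        END { if (!found) print "unknown" }'
}

# slp_service_on CHKCONFIG_OUTPUT -> prints on / off / unknown
# Assumed format of `chkconfig --list slpd`:  slpd   on
slp_service_on() {
    printf '%s\n' "$1" | awk '
        $1 == "slpd" { print tolower($2); found = 1 }
        END { if (!found) print "unknown" }'
}

# slp_exposure RULESET_OUTPUT CHKCONFIG_OUTPUT -> EXPOSED / MITIGATED / PARTIAL / UNKNOWN
slp_exposure() {
    fw=$(slp_ruleset_enabled "$1")
    svc=$(slp_service_on "$2")
    case "$fw/$svc" in
        true/on)    echo EXPOSED ;;     # service running and reachable through the firewall
        false/off)  echo MITIGATED ;;   # workaround fully applied
        *unknown*)  echo UNKNOWN ;;     # could not read one of the two settings
        *)          echo PARTIAL ;;     # only one of the two steps applied
    esac
}

# Constructed sample outputs used when the script is not run on an ESXi host.
SAMPLE_RULESET_ON='Name    Enabled
------  -------
CIMSLP  true'
SAMPLE_RULESET_OFF='Name    Enabled
------  -------
CIMSLP  false'
SAMPLE_CHK_ON='slpd                on'
SAMPLE_CHK_OFF='slpd                off'

# audit_host: query the live host when the ESXi tools exist, else use the samples.
audit_host() {
    if command -v esxcli >/dev/null 2>&1 && command -v chkconfig >/dev/null 2>&1; then
        rs=$(esxcli network firewall ruleset list -r CIMSLP 2>/dev/null)
        ck=$(chkconfig --list slpd 2>/dev/null)
    else
        rs=$SAMPLE_RULESET_ON
        ck=$SAMPLE_CHK_ON
    fi
    echo "SLP exposure on $(hostname 2>/dev/null || echo unknown-host): $(slp_exposure "$rs" "$ck")"
}

audit_host
```

A result of EXPOSED on an unpatched 6.5, 6.7 or 7.0 host means the workaround has not been applied and the upgrade in the advisory is the only real fix; PARTIAL usually means slpd was stopped for the current boot but the firewall rule or the startup setting was left unchanged, so the exposure returns on reboot.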
There are reports that the remote code execution vulnerability (CVE-2021-21972) is being actively exploited as part of an exploit chain targeting multiple vulnerabilities in vCenter Server.
The vulnerabilities affect the following product versions:
VMware vCenter Server versions 7.0, 6.7 and 6.5
VMware ESXi versions 7.0, 6.7 and 6.5
Users and administrators of the affected versions are advised to upgrade to the latest product versions immediately.
More information is available here:
https://www.vmware.com/security/advisories/VMSA-2021-0002.html