Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Vulnerability in VMware vCenter Server
Alerts

Critical Vulnerability in VMware vCenter Server

22 September 2021

VMWare has released security updates to address a critical vulnerability (CVE-2021-22005) found in vCenter Server 6.7, 7.0 and Cloud Foundation (vCenter Server) 3.x, 4.x. This vulnerability may allow an attacker with network access to port 443 to execute code on vCenter Server by uploading a specially crafted file.

Users and administrators of the affected versions are advised to upgrade to the latest product versions immediately. 

More information is available here:
https://www.vmware.com/security/advisories/VMSA-2021-0020.html
https://core.vmware.com/vmsa-2021-0020-questions-answers-faq#section1
https://www.bleepingcomputer.com/news/security/vmware-warns-of-critical-bug-in-default-vcenter-server-installs/

Back to top