Attackers collaborate to exploit CVE-2021-21972 and CVE-2021-21973
25.Feb.2021
Blueliv, an Outpost24 company
Last Tuesday, Feb. 23, 2021, VMWare disclosed two vulnerabilities affecting vCenter Server and Cloud Foundation. Before the publication of the vulnerabilities, the company published a workaround to protect the servers that are meant to be a temporary solution until updates with the security patch can be deployed. This was a surprisingly fast reaction from the company, though as they were working to quickly fix the issue so too were attackers racing to find new ways to profit from the vulnerabilities. These newly found vulnerabilities, known as CVE-2021-21972 and CVE-2021-21973, can be used by an attacker to disclose information and execute code through a vCenter Server plugin. The Blueliv Labs Team is actively investigating these vulnerabilities and finding new developments in the wild that we are sharing in this blog. More findings would come, we will update this blog accordingly to share relevant and fresh intelligence.
Read More