March 27, 2023

The U.S. CISA has added a critical vulnerability in VMware’s Cloud Foundation, tracked as CVE-2021-39144 with a CVSS score: 9.8 to its Known Exploited Vulnerabilities Catalog.

The RCE vulnerability present in the XStream open-source library. Unauthenticated attackers can exploit the vulnerability in low-complexity attacks without user interaction.

Advertisements

VMware has confirmed that exploit code leveraging CVE-2021-39144 against impacted products has been published. Due to the severity of the flaw, VMware also released security updates for some end-of-life products.

CISA orders federal agencies to fix this flaw by March 31, 2023.

Tags:

Leave a Reply

You may have missed

Okta Credentials Exposed via Post Exploitation Attack

Okta Credentials Exposed via Post Exploitation Attack

March 27, 2023
Dark Power Ransomware Dissection

Dark Power Ransomware Dissection

March 26, 2023
CatB Ransomware Dissection

CatB Ransomware Dissection

March 26, 2023
Microsoft Patches Acropalypse Vulnerability

Microsoft Patches Acropalypse Vulnerability

March 26, 2023
TheCyberThrone Security Week In Review – March 25th, 2023

TheCyberThrone Security Week In Review – March 25th, 2023

March 26, 2023
ChatGPT for Google- Harvest Facebook Accounts

ChatGPT for Google- Harvest Facebook Accounts

March 26, 2023
%d bloggers like this: