Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years

January 20, 2024 at 06:45AM A China-linked cyber espionage group, UNC3886, exploited a zero-day vulnerability (CVE-2023-34048) in VMware vCenter Server, allowing privileged access and deployment of malware. These actions enable further exploitation of VMware flaws. VMware advises users to update to avoid potential threats. Additionally, UNC3886 utilized a Fortinet flaw (CVE-2022-41328) to implant malware, targeting …

Russians invade Microsoft’s exec mail while China jabs at VMware vCenter Server

January 19, 2024 at 07:15PM Chinese cyberspies have been exploiting a VMware security vulnerability, CVE-2023-34048, allowing them to hijack vulnerable servers. Meanwhile, a Moscow-backed group breached a small percentage of Microsoft corporate email accounts. Additionally, CISA issued an emergency directive to mitigate Ivanti Connect Secure zero-days, likely targeted by Chinese nation-state attackers. Persistent concerns exist …

VMware confirms critical vCenter flaw now exploited in attacks

January 19, 2024 at 08:23AM VMware confirmed active exploitation of a critical vCenter Server vulnerability (CVE-2023-34048) reported by Trend Micro researcher Grigory Dorodnov. Multiple end-of-life products were patched, and ransomware gangs target VMware servers. Over 2,000 exposed servers pose breach risks. VMware urged strict network access control and previously fixed high-severity vCenter Server flaws, an …

VMware vCenter Server Vulnerability Exploited in Wild 

January 19, 2024 at 06:12AM VMware warns of CVE-2023-34048, a critical vCenter Server vulnerability exploited in the wild. The issue, an out-of-bounds write problem related to DCERPC protocol implementation, allows remote code execution with network access. VMware released patches in October, even for end-of-life versions. The exploitation has been confirmed, with potentially hundreds of exposed …

Double trouble for VMware and Atlassian admins – there are critical flaws to fix

January 16, 2024 at 01:12PM Critical vulnerabilities in Atlassian and VMware products have been revealed. Atlassian’s Confluence Data Center and Server have a flaw allowing remote code execution, and Jira Software Data Center and Server are susceptible to XML external entity attacks. VMware’s Aria Automation faces a missing access control issue, all requiring immediate patching …

VMware Urges Customers to Patch Critical Aria Automation Vulnerability 

January 16, 2024 at 09:12AM VMware has urged customers to patch a critical vulnerability (CVE-2023-34063, CVSS score of 9.9) affecting Aria Automation and Cloud Foundation. The missing access control flaw could allow unauthorized access to remote organizations and workflows. VMware has released patches for impacted versions and credited external researchers for discovering the vulnerability. Threat …

Microsoft fixes Windows Server VMs broken by October updates

November 15, 2023 at 03:57PM Microsoft has fixed a known issue causing blue screens and boot failures in Windows Server 2022 virtual machines (VMs) deployed on VMware ESXi hosts. The problem affected guest VMs on VMware ESXi hosts with an AMD Epyc physical processor. A Windows Server 2022 cumulative update, KB5032198, has now resolved the …

Urgent: VMware Warns of Unpatched Critical Cloud Director Vulnerability

November 14, 2023 at 11:27PM VMware has issued a warning about a critical security flaw in Cloud Director that could allow unauthorized access. The vulnerability affects instances upgraded to version 10.5 and can be exploited to bypass login restrictions on certain ports. A fix has not yet been released, but a workaround is available. This …

VMware discloses critical VCD Appliance auth bypass with no patch

November 14, 2023 at 04:47PM VMware has disclosed a critical authentication bypass vulnerability affecting Cloud Director appliance deployments. The vulnerability only affects certain versions of the appliance and can be exploited remotely without user interaction. While no patch is available, VMware has provided a temporary workaround that does not disrupt functionality or require downtime. After …

Critical Authentication Bypass Flaw in VMware Cloud Director Appliance

November 14, 2023 at 04:21PM VMware has released an urgent patch to fix a serious authentication bypass bug in its Cloud Director Appliance product. The vulnerability, known as CVE-2023-34060, has a severity score of 9.8 out of 10 and can be exploited by attackers with network access. The issue affects instances where the appliance has …