VMware fixes bug allowing attackers to steal admin credentials

Posted by & filed under Ειδοποιήσεις.

VMware has published security updates to address a high severity vulnerability in vRealize Operations that could allow attackers to steal admin credentials after exploiting vulnerable servers. vRealize Operations is an AI-powered and “self-driving” IT operations management for private, hybrid, and multi-cloud environments, available as an on-premises or SaaS solution. The vulnerability was discovered and reported to VMware by Positive… Read more »

VMware releases fix for severe View Planner RCE vulnerability

Posted by & filed under Ειδοποιήσεις.

VMware has addressed a high severity unauthenticated RCE vulnerability in VMware View Planner, allowing attackers to abuse servers running unpatched software for remote code execution. View Planner is a free tool for benchmarking desktop client and server-side performance in Virtual Desktop Infrastructure environments. The vulnerability was discovered and reported to VMware by Positive Technologies web application… Read more »

VMware fixes zero-day vulnerability reported by the NSA

Posted by & filed under Ειδοποιήσεις.

VMware has released security updates to address a zero-day vulnerability in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. The vulnerability is a command injection bug tracked as CVE-2020-4006 and publicly disclosed two weeks ago. While it did not issue any security updates at the time it disclosed the zero-day, VMware provided a workaround to help… Read more »

VMware discloses critical zero-day vulnerability in Workspace One

Posted by & filed under Ειδοποιήσεις.

VMware has released a workaround to address a critical zero-day in multiple VMware Workspace One components that allows attackers to execute commands on the host Linux and Windows operating systems using escalated privileges. Zero-days are publicly disclosed vulnerabilities not yet patched by the vendor. In some cases, zero-days are also actively exploited in the wild… Read more »