Advisories

MA-817.092021: MyCERT Alert - Critical Vulnerability in VMware vCenter Server

  • 29 Sep 2021
  • Alert
  • VMware,CVE-2021-22005

1.0 Introduction
VMware has released security updates to address a critical vulnerability (CVE-2021-22005) found in the vCenter Server and Cloud Foundation. Users and administrators are encouraged to review the VMware Security Advisory VMSA-2021-0020 and apply the necessary updates and workarounds.

2.0 Impact
Exploiting this vulnerability may allow an attacker with network access to port 443 to execute code on vCenter Server by uploading a specially crafted file.

3.0 Affected System and Devices
Updates are available include:
• VMware vCenter Server (vCenter Server) version 6.7, 7.0
• VMware Cloud Foundation (Cloud Foundation) version 3.x, 4.x

4.0 Recommendations
To mitigate CVE-2021-22005, MyCERT strongly urges critical infrastructure entities and other organizations with affected vCenter Server versions to take the following actions.

• Upgrade to a fixed version as quickly as possible. See VMware Security Advisory VMSA-2021-0020 for patching information.
• Apply the temporary workaround provided by VMware, if unable to upgrade to a fixed version immediately. See VMware’s workaround instructions for CVE-2021-22005, supplemental blog post, and frequently asked questions for additional information.

Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:

E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours) 
Mobile: +60 19 2665850 (24x7 call incident reporting)
SMS: CYBER999 REPORT EMAIL COMPLAINT to 15888
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my

5.0    References

Read More

MA-807.062021: MyCERT Advisory - VMware vCenter Server updates

  • 09 Jun 2021
  • Advisory
  • VMware

1.0 Introduction
VMware has released security updates to address multiple vulnerabilities in vCenter Server and Cloud Foundation. VMware vCenter Server updates address remote code execution and authentication vulnerabilities (CVE-2021-21985, CVE-2021-21986).

2.0 Impact
A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

3.0 Affected Products

  • VMware vCenter Server (vCenter Server)
  • VMware Cloud Foundation (Cloud Foundation)

4.0 Recommendations
Users and administrators are recommended to review the below URLs and perform the necessary update. Kindly refer to the below URL:

Generally, MyCERT advises the users of these applications to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:

E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my

5.0    References

Read More

MA-554.012016: MyCERT Advisory - VMware Releases Security Updates

  • 11 Jan 2016
  • Advisory

 

1.0 Introduction

VMware has released security updates to address a vulnerability in VMware ESXi, Fusion, Player, and Workstation.  Users and administrators are encouraged to review VMware Security Advisory VMSA-2016-0001 and apply the necessary updates.

 

2.0 Impact

Exploitation of some of these vulnerabilities may allow an attacker to escalate privileges on an affected VMware system. A kernel memory corruption vulnerability is present in the VMware Tools "Shared Folders" (HGFS) feature running on Microsoft Windows. Successful exploitation of this issue could lead to an escalation of privilege in the guest operating system.  

 

3.0 Affected Products

The affected products is including of:

  • VMware ESXi 6.0 without patch ESXi600-201512102-SG
  • VMware ESXi 5.5 without patch ESXi550-201512102-SG
  • VMware ESXi 5.1 without patch ESXi510-201510102-SG
  • VMware ESXi 5.0 without patch ESXi500-201510102-SG
  • VMware Workstation prior to 11.1.2
  • VMware Player prior to 7.1.2
  • VMware Fusion prior to 7.1.2

 

4.0 Recommendation

Users are advised to review the patch and release notes for the affected products listed below and verify the checksum of the download file.

4.1 VMware ESXi 6.0
Downloads:
https://www.vmware.com/patchmgr/findPatch.portal
Documentation:
http://kb.vmware.com/kb/2135123

 

4.2 VMware ESXi 5.5
Downloads:
https://www.vmware.com/patchmgr/findPatch.portal
Documentation:
http://kb.vmware.com/kb/2135796

 

4.3 VMware ESXi 5.1
Downloads:
https://www.vmware.com/patchmgr/findPatch.portal
Documentation:
http://kb.vmware.com/kb/2126488

 

4.4 VMware ESXi 5.0
Downloads:
https://www.vmware.com/patchmgr/findPatch.portal
Documentation:
http://kb.vmware.com/kb/2120210

 

4.5 VMware Workstation 11.1.2
Downloads and Documentation:
https://www.vmware.com/go/downloadworkstation

 

4.6 VMware Player 7.1.2
Downloads and Documentation:
https://www.vmware.com/go/downloadplayer

 

4.7 VMware Fusion 7.1.2
https://www.vmware.com/go/downloadfusion

 

4.8 VMware Tools 10.0.0
Downloads:
https://my.vmware.com/web/vmware/details?downloadGroup=VMTOOLS1000&productId=491
Documentation:
https://pubs.vmware.com/Release_Notes/en/vmwaretools/1000/vmware-tools-1000-release-notes.html

 

4.9 For the workaround, removing the "Shared Folders" (HGFS) feature from previously installed VMware Tools will remove the possibility of exploitation.

 


Generally, MyCERT advises the users of this software to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:
E-mail : [email protected] or [email protected] 
Phone : 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442 
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : CYBER999 REPORT EMAIL COMPLAINT to 15888
Business Hours : Mon - Fri 09:00 AM - 18:00 PM MYT
Web : https://www.mycert.org.my
Twitter : http://www.twitter.com/mycert
Facebook: http://www.facebook.com/mycert.org.my
Cyber999 Mobile Apps:  IOS Users or Android Users

 

5.0 References

Read More

MA-492.072015: MyCERT Advisory - VMware Releases Security Advisory

  • 12 Jul 2015
  • Advisory

1.0 Introduction

VMware has released security updates to address a host privilege escalation vulnerability in VMware Workstation, Player and Horizon View Client for Windows.  

Users and administrators are encouraged to review the VMware Security Advisory VMSA-2015-0005 and apply the necessary updates.

2.0 Impact
Exploitation of some of these vulnerabilities may allow an attacker to escalate privileges on an affected VMware system.
 
3.0 Affected Products
Updates are available include:
• VMware Workstation 11.1.1
• VMware Workstation 10.0.7
• VMware Player 7.1.1
• VMware Player 6.0.7
• VMware Horizon Client for Windows (with Local Mode Option) 5.4.2

 4.0 Recommendation
Users are advised to review the patch and release notes for the affected products listed below and verify the checksum of the download file.

4.1 VMware Workstation 11.1.1, 10.0.7
Downloads and Documentation:
https://www.vmware.com/go/downloadworkstation

4.2 VMware Player 7.1.1, 6.0.7
Downloads and Documentation:
https://www.vmware.com/go/downloadplayer

4.3 VMware Horizon Clients 5.4.2
Downloads and Documentation:
https://www.vmware.com/go/viewclients

Generally, MyCERT advises the users of this software to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:
E-mail : [email protected] or [email protected]
Phone : 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : CYBER999 REPORT EMAIL COMPLAINT to 15888
Business Hours : Mon - Fri 09:00 AM - 18:00 PM MYT
Web : https://www.mycert.org.my
Twitter : http://www.twitter.com/mycert
Facebook: http://www.facebook.com/mycert.org.my
Cyber999 Mobile Apps:  IOS Users or Android Users


5.0 References
• VMware Releases Security Advisory : https://www.us-cert.gov/ncas/current-activity/2015/07/10/VMware-Releases-Security-Advisory

• VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability : http://www.vmware.com/security/advisories/VMSA-2015-0005.html#sthash.gJg8RG2i.dpuf
Read More

MA-484.062015: MyCERT Advisory - VMWare Releases Security Updates for Multiple Products

  • 16 Jun 2015
  • Advisory

1.0 Introduction

VMWare has released four updates to address vulnerabilities in VMWare Workstation, Player, Fusion, and Horizon Client.

 

2.0 Impact

Exploitation of some of these vulnerabilities could allow denial-of-service condition or remote code execution on the Windows OS running these programs.

 

3.0 Affected Products
Listed below are the vulnerabilities and its respective affected product versions:

3.1 VMware Workstation and Horizon Client memory manipulation issues – this  vulnerability impacts the below product versions running on Windows:

  • Workstation 10.x, 11.x
  • Player 6.x, 7.x
  • Horizon Client 3.2.x, 3.3.x
  • Horizon Client for Windows (with local mode) 5.x

3.2 VMware Workstation, Player, and Fusion Denial of Service vulnerability – this vulnerability impacts the product versions running on any platform: 

  • Workstation 10.x, 11.x
  • Player 6.x, 7.x
  • Fusion 6.x, 7.x (OSX only)

 

4.0 Recommendation
Users are advised to review the patch and release notes for the affected products listed below and verify the checksum of the download file.

4.1 VMware Workstation 11.1.1, 10.0.6
Downloads and Documentation:
https://www.vmware.com/go/downloadworkstation

4.2 VMware Player 7.1.1, 6.0.6
Downloads and Documentation:
https://www.vmware.com/go/downloadplayer

4.3 VMware Fusion 7.0.1, 6.0.6
https://www.vmware.com/go/downloadfusion

4.4 VMware Horizon Clients 5.4.2, 3.4.0, and 3.2.1
Downloads and Documentation:
https://www.vmware.com/go/viewclients


Generally, MyCERT advises the users of this software to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:
E-mail : [email protected] or [email protected] 
Phone : 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442 
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : CYBER999 REPORT EMAIL COMPLAINT to 15888
Business Hours : Mon - Fri 09:00 AM - 18:00 PM MYT
Web : https://www.mycert.org.my
Twitter : http://www.twitter.com/mycert
Facebook: http://www.facebook.com/mycert.org.my
Cyber999 Mobile Apps:  IOS Users or Android Users

 

 5.0 References

Read More
Showing 11-15 of 15 items.
(not set)
(not set)
(not set)
(not set)
(not set)
Popular Advisories
Archives