• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Vmware Issues Updated Fix For Critical Esxi Flaw

VMware Fixes Critical Flaw in ESXi Hypervisor

You are here: Home / Latest Cyber Security Vulnerabilities / VMware Fixes Critical Flaw in ESXi Hypervisor

The critical and significant-severity flaws have been discovered by a workforce at the China-based Tiunfu Cup hacking problem.

VMware has hurried out fixes for a critical flaw in its ESXi hypervisor, a handful of months soon after it was identified through China’s Tianfu Cup hacking level of competition.

✔ Approved Seller by TheCyberSecurity From Our Partners
F Secure Freedome Vpn 2021

Protect your online privacy and internet browsing via F-Secure Freedome VPN. F-Secure has proven to be a trustworthy company but not being connected to any government. F-Secure Freedome VPN encryptes all your connections to the internet in addition it hides your real IP address so no one will know from which location you are browsing the web. F-Secure Freedome VPN is Netflix and Amazon Prime friendly which means you can easily view the movies and series that are meant for Amercian viewers.

Get F-Secure Freedome VPN with 50% discount from our partner: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


The use-soon after-free vulnerability (CVE-2020-4004) has a CVSS score of 9.3 out of 10, creating it critical. It exists in the eXtensible Host Controller Interface (xHCI) USB controller of ESXi. XHCI is an interface specification that defines a register-amount description of a host controller for USB.

In accordance to VMware in a Thursday advisory, “a destructive actor with local administrative privileges on a digital device may perhaps exploit this issue.”

The attacker would then be able to execute code as the digital machine’s Virtual Machine Executable (VMX) course of action managing on the host, claimed VMware’s advisory. The VMX system operates in the VMkernel and is dependable for managing I/O to products that are not critical to efficiency.

Xiao Wei and Tianwen Tang (VictorV) of the Qihoo 360 Vulcan Team had been credited with identifying the flaw, which they discovered at the 2020 Tianfu Cup Pwn Contest. When further more aspects of the bug – and the exploit – were not disclosed, in accordance to the Tianfu Cup’s Twitter account, the staff “got the root of the host OS with just one shot.” The Tianfu Cup is a well known moral hacking contest that took put before in November.

360 ESG Vulnerability Exploration Institute is the only crew to operate the entry on VMware ESXi these days. @XiaoWei___ @vv474172261 acquired the root of the host OS with 1 shot. Congrats!

— TianfuCup (@TianfuCup) November 7, 2020

ESXi versions 6.5, 6.7 and 7. are affected by this critical vulnerability customers can update to versions ESXi650-202011301-SG (for edition 6.5), ESXi670-202011101-SG (for edition 6.7) and ESXi70U1b-17168206 (for edition 7.). A workaround is to take away the xHCI (USB 3.x) controller. In addition, variations of VMware Fusion (versions 11.x), Workstation (15.x) and VMware cloud foundation (ESXi, versions 3.x and 4.x) are also impacted. Patches for the VMware cloud foundation are nevertheless pending, according to the advisory.

VMware also issued patches for an important-severity elevation-of-privilege vulnerability in ESXi, also found by the Qihoo 360 Vulcan Staff during the Tiunfu Cup. That flaw (CVE-2020-4005), which scores 8.8 out of 10, exists in the way particular procedure calls are being managed.

According to VMware, a lousy actor could leverage the flaw to escalate their privileges on the afflicted system. Having said that, this bug is a lot more tough to exploit. For a person, with an attacker would need to have privileges in just the VMX process for a different, successful exploitation of this issue is only achievable when chained with a further vulnerability (such as the use-just after-absolutely free flaw).

Variations 6.5, 6.7 and 7. of ESXi are afflicted by the bugs as is VMware Cloud Foundation (ESXi, versions 3.x and 4.x). A patch is pending for the latter.

These are only the newest flaws to plague the ESXi hypervisor. In October, VMware issued an current resolve for a critical-severity distant code-execution flaw in ESXi. VMware mentioned current patch variations were offered just after it was found out the preceding patch, unveiled Oct. 20, did not fully deal with the vulnerability. That’s due to the fact particular variations that have been affected ended up not beforehand covered in the before update.


Some sections of this short article are sourced from:
threatpost.com

Previous Post: «Cloud Storage: How Secure Are Dropbox, Google Drive, Icloud And Cloud storage: How secure are Dropbox, Google Drive, iCloud and OneDrive?
Next Post: Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns Google Services Weaponized To Bypass Security In Phishing, Bec Campaigns»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Recent Posts

  • Big Tech Bans Social Networking App
  • Lack of Funding Could Lead to “Lost Generation” of Cyber-Startups
  • Unveiled: SUNSPOT Malware Was Used to Inject SolarWinds Backdoor
  • ‘I’ll Teams you’: Employees assume security of links, file sharing via Microsoft comms platform
  • DarkSide decryptor unlocks systems without ransom payment – for now
  • Researchers see links between SolarWinds Sunburst malware and Russian Turla APT group
  • Millions of Social Profiles Leaked by Chinese Data-Scrapers
  • Feds will weigh whether cyber best practices were followed when assessing HIPAA fines
  • SolarWinds Hack Potentially Linked to Turla APT
  • 10 quick tips to identifying phishing emails

Copyright © TheCyberSecurity.News, All Rights Reserved.