Cybersecurity specialists report the detection of multiple vulnerabilities in VMware Cloud Foundation (ESXi), a popular hybrid cloud platform. According to the report, successful exploitation of the flaws would allow threat actors to deploy multiple hacking tasks on the affected systems.
Below are brief descriptions of the reported flaws, in addition to their respective tracking keys and scores assigned under the Common Vulnerability Scoring System (CVSS).
CVE-2021-22040: A use-after-free error in the XHCI USB driver would allow remote users with administrator permissions on the guest system to trigger arbitrary code execution as the VMX process of the virtual machine running on the host.
The flaw received a CVSS score of 7.9/10 and its successful exploitation will allow full engagement of the target system.
CVE-2021-22041: A bug in the USB UHCI driver would allow remote users with administrative permissions on the guest operating system to trigger a race condition and execute arbitrary code as the VMX process on the virtual machine running on the host.
The vulnerability received a CVSS score of 7.9/10.
CVE-2021-22042: VMX has access to configuration authorization tickets, so a local user with privileges within the VMX process can access the settingsd service by running as an elevated user.
This is a low-severity vulnerability and received a CVSS score of 6.2/10.
CVE-2021-22043: A Time-of-check Time-of-use vulnerability when handling temporary files would allow local users with access to settingsd to escalate their privileges on the affected system.
This is a low-severity vulnerability and received a CVSS score of 6.8/10.
CVE-2021-22050: Improper management of internal resources within rhttpproxy would allow remote threat actors to send a slow and manipulated HTTP POST request to the system, performing a denial of service (DoS) attack.
This is a low severity error and received a CVSS score of 6.5/10.
According to the report, the flaws reside in all VMware Cloud Foundation versions prior to 3.11 and in v4.4.
While vulnerabilities can be exploited by unauthenticated threat actors over the Internet, researchers have not detected active exploitation attempts or the existence of a malware variant associated with the attack. However, VMware recommends that users of affected deployments address as soon as possible.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.