VMware Released Security Patches for Critical Vulnerabilities in ESXi
The National Cyber Security Centre warns of two critical vulnerabilities in VMware products (ESXi, Workstation, Fusion, and Cloud Foundation).
The company documented a total of four vulnerabilities, warning that the most serious of them could allow a malicious actor with local administrative privileges on virtual machines to execute code as the virtual machine’s VMX process running on the host.
The vulnerabilities tracked as CVE-2024-22252 and CVE-2024-22253 are rated with a CVSS score of 9.3.
Although both vulnerabilities are serious, the situation is made worse by the fact that users often do not update the software on their virtualization systems, for a number of reasons:
- Aversion to updates because the system is unavailable while an update is in progress. Users are also concerned that security patches will bring instability and disrupt the original configuration.
- Underestimating security updates in the belief that virtualizing systems makes them inherently secure.
- Updates for virtualization platforms are less visible than operating-system updates.
As a rule, organizations that have no update policy for their virtualization platforms are also smaller organizations that may not separate virtual servers by category across multiple physical hosts. This exposes them to the risk that an attacker compromises their public-facing virtual server and then, through the virtualization platform, gains access to the internal virtual servers, which mostly contain valuable data.
Recommendations
- Monitor the manufacturer’s website and apply the latest security patches.
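As an added illustration of this recommendation (this is example code, not part of the original advisory or of any VMware tool), the following script audits a fleet of ESXi hosts from the output of the `vmware -v` command, which prints a string such as `VMware ESXi 8.0.2 build-22380479`. It parses the release line and build number and flags hosts whose build is older than the minimum fixed build. The host names and version strings are constructed sample data, and the minimum fixed builds are placeholders: the real values for CVE-2024-22252 and CVE-2024-22253 must be taken from the VMSA-2024-0006 advisory linked below.

```python
import re
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Constructed sample: `vmware -v` output collected from several hosts
# (hostname -> version string). Host names and builds are illustrative only.
SAMPLE_INVENTORY = {
    "esx01.example.internal": "VMware ESXi 8.0.2 build-22380479",
    "esx02.example.internal": "VMware ESXi 7.0.3 build-21930508",
    "esx03.example.internal": "VMware ESXi 8.0.2 build-23305546",
    "esx04.example.internal": "connection refused",  # unreadable host
}

# PLACEHOLDER: minimum build per release line that contains the fix.
# These are NOT the real VMSA-2024-0006 builds; copy them from the advisory.
MIN_FIXED_BUILD = {
    "8.0": 23000000,
    "7.0": 22000000,
}

# Matches the version line printed by `vmware -v` on an ESXi host.
VERSION_RE = re.compile(r"VMware ESXi (\d+)\.(\d+)\.(\d+) build-(\d+)")


@dataclass
class HostStatus:
    host: str
    line: Optional[str]   # release line, e.g. "8.0"
    build: Optional[int]  # build number, e.g. 22380479
    status: str           # "patched", "vulnerable" or "unknown"


def parse_version(text: str) -> Optional[Tuple[str, int]]:
    """Return (release_line, build) from a `vmware -v` string, or None."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    major, minor, _patch, build = m.groups()
    return f"{major}.{minor}", int(build)


def classify(host: str, text: str,
             min_fixed: Dict[str, int] = MIN_FIXED_BUILD) -> HostStatus:
    """Compare one host's build against the minimum fixed build of its line."""
    parsed = parse_version(text)
    if parsed is None:
        # Output could not be parsed: treat as unknown, never as patched.
        return HostStatus(host, None, None, "unknown")
    line, build = parsed
    if line not in min_fixed:
        # Release line not covered by the fix table (e.g. unsupported line).
        return HostStatus(host, line, build, "unknown")
    status = "patched" if build >= min_fixed[line] else "vulnerable"
    return HostStatus(host, line, build, status)


def audit(inventory: Dict[str, str],
          min_fixed: Dict[str, int] = MIN_FIXED_BUILD) -> Dict[str, HostStatus]:
    """Classify every host in the inventory."""
    return {host: classify(host, text, min_fixed) for host, text in inventory.items()}


if __name__ == "__main__":
    for result in audit(SAMPLE_INVENTORY).values():
        print(f"{result.host:28} {result.line or '-':5} "
              f"{result.build or '-':>10} {result.status}")
```

Hosts reported as `unknown` deserve the same attention as `vulnerable` ones: a host whose version cannot be read is exactly the kind of system that tends to fall outside the patch cycle.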
Sources
- https://www.vmware.com/security/advisories/VMSA-2024-0006.html
- https://www.securityweek.com/vmware-patches-critical-esxi-sandbox-escape-flaws/