Hackers are scanning for VMware CVE-2021-22005 targets, patch now!

Threat actors have already started targeting Internet-exposed VMware vCenter servers unpatched against a critical arbitrary file upload vulnerability patched yesterday that could lead to remote code execution.

The security flaw tracked as CVE-2021-22005 impacts all vCenter Server 6.7 and 7.0 deployments with default configurations.

The flaw was reported by George Noseevich and Sergey Gerasimov of SolidLab LLC, and unauthenticated attackers can remotely exploit it in low complexity attacks without requiring user interaction.

Read more…
Source: Bleeping Computer