VMWare ESXi 7.0 and 8.0 Multiple Vulnerabilities
A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox.
VMware Cloud Foundation remote code execution vulnerability via XStream (CVE-2021-39144)
CISA identified VMware products to the CVE-2021-39144 vulnerability in its Known Exploited Vulnerabilities (KEV) catalog following confirmation from VMware that this bug is being exploited since December 2022.
Veeam Backup & Replication Vulnerability (CVE-2023-27532)
A vulnerability been found in Veeam Backup & Replication that enables an unauthenticated user to request encrypted credentials, which can give them access to server hosts used for backup infrastructure.
VMware vSphere 6.7 End of General Support: October 15, 2022
VMware 6.7 is going to end its product General Support on October 15th.
After that point, VMware will assist only with technical issues for that version, but cannot guarantee absolute bug-fixes.
VMware Horizon Cloud on Microsoft Azure
Remote work from the cloud can be delivered quickly and securely. Wanna know how? Download the @Microsoft @Azure datasheet. To find out more about how Horizon Cloud on Microsoft Azure and Azure Virtual Desktop can help you, contact an expert at Cornerstone.IT.
Alert: VMware vCenter Server Privilege Escalation Vulnerability
VMware has investigated and confirmed possible exploits that can be performed by a malicious attacker using “privileged account escalation” method. Learn how to mitigate with the provided remediation tasks.