Breach, Content

Hackers Target VMware vCenter Server Vulnerability: What MSSPs Need to Know

Credit: WMware

Hackers are targeting and exploiting a VMware vCenter Server Vulnerability known as CVE-2021-22005. If MSPs and MSSPs fail to patch the software for customers, then cybercriminals with network access to port 443 can exploit the vulnerability to execute malicious code on vCenter Servers, according to a Cybersecurity & Infrastructure Security Agency (CISA) alert.

VMware disclosed the vulnerability on September 21. A follow-on VMware statement, released September 24, confirmed reports of active exploits in the wild. The CISA added:

"Security researchers are also reporting mass scanning for vulnerable vCenter Servers and publicly available exploit code. Due to the availability of exploit code, CISA expects widespread exploitation of this vulnerability."

How to Patch VMware vCenter Server Vulnerability

Amid those warnings, CISA is urging critical infrastructure entities and other organizations with affected vCenter Server versions to upgrade their software. It is encouraging these organizations to leverage VMware patches to address the vulnerability. If the fix can't be applied immediately, organizations can apply a temporary vCenter Server workaround provided by VMware, CISA said.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.