VMware confirms critical vCenter flaw now exploited in attacks
VMware has confirmed that a critical vCenter Server remote code execution vulnerability patched in October is now under active exploitation. [...]
Remote code execution lets attackers run commands on a target system, enabling full compromise; patch exposed software and restrict privileges.
Search across headline titles and summaries.
Background for this topic.
Remote code execution (RCE) is the ability of an attacker to make a system run attacker-chosen code from a remote position, usually by exploiting a flaw in a network-facing application, service, protocol, or the processing of untrusted content. Unlike simple unauthorized access, successful RCE can run with the privileges of the affected process, enabling actions such as accessing data, changing configuration, disrupting a service, establishing persistence, or moving to other systems. Exploitability depends on factors including network reachability, authentication requirements, configuration, and whether execution is constrained.
Defenders should prioritize exposed RCE vulnerabilities in vulnerability management: inventory reachable assets, apply fixes or vendor mitigations, and restrict access or disable vulnerable functionality where patching is not immediately possible. Least privilege and service isolation limit the damage if exploitation succeeds. Secure input handling, safe deserialization, and avoiding unnecessary shell invocation reduce common attack paths. Monitoring for unusual process creation and outbound connections can support detection; suspected exploitation warrants prompt investigation, preservation of relevant logs, credential rotation where appropriate, and checks for persistence.
VMware has confirmed that a critical vCenter Server remote code execution vulnerability patched in October is now under active exploitation. [...]
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers
Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks. [...]
Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that are being actively exploited in the wild
Rated at a CVSS score of 10, the bug is as bad as it gets, allowing remote cyberattackers unfettered access to corporate environments.
Two flaws discovered a year apart are ostensibly the same with slightly different exploit paths, exposing corporate networks to risk and potential intrusion.
Atlassian Confluence Data Center and Confluence Server are vulnerable to a critical remote code execution (RCE) vulnerability that impacts versions released before December 5, 2023, including out-of-support releases. [...]
Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that could be potentially exploited to cause a denial-of-service (DoS) condition and remote code execution (RCE)
Yet more support for the argument to adopt memory-safe languages More than 11,500 Juniper Networks devices are exposed to a new remote code execution (RCE) vulnerability, and infosec researchers are pressing admins to urgently apply the patches.…
Security researchers have found over 178,000 SonicWall next-generation firewalls (NGFW) with the management interface exposed online are vulnerable to denial-of-service (DoS) and potential remote code execution (RCE) attacks. [...]
Security researchers have found over 178,000 SonicWall next-generation firewalls (NGFW) with the management interface exposed online are vulnerable to denial-of-service (DoS) and remote code execution (RCE) attacks. [...]
Cybersecurity researchers have disclosed a security flaw in the Opera web browser for Microsoft Windows and Apple macOS that could be exploited to execute any file on the underlying operating system