October 26, 2022
VMware Patches Critical Cloud Foundation RCE Vulnerability
VMware has released a security update to address a critical vulnerability in VMware Cloud Foundation.
Unauthenticated threat actors can exploit the vulnerability remotely to achieve remote code execution (RCE) in low-complexity attacks that require no user interaction.
- CVE-2021-39144, (CVSS 3.1: 9.8, Critical) – Vulnerability in the XStream open-source library used by the Cloud Foundation.
Unauthenticated malicious actors can perform remote code execution (RCE) on the appliance in the context of ‘root’.
- VMware Cloud Foundation (NSX-V) using an XStream version prior to 1.4.19.
CYREBRO recommends that affected clients apply the NSX-V 6.4.14 patch on VMware Cloud Foundation 3.x to mitigate the vulnerability.
References: VMWare Advisory