VMware Workstation, VMware Fusion Security Vulnerabilities

CVE-2024-22246

VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the...

CVE-2024-22248

VMware SD-WAN Orchestrator contains an open redirect vulnerability. A malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information...

CVE-2024-22247

VMware SD-WAN Edge contains a missing authentication and protection mechanism vulnerability. A malicious actor with physical access to the SD-WAN Edge appliance during activation can potentially exploit this vulnerability to access the BIOS configuration. In addition, the malicious actor may be...

CVE-2024-22246

VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the...

Adversaries are leveraging remote access tools now more than ever — here’s how to stop them

Remote system management/desktop access tools such as AnyDesk and TeamViewer have grown in popularity since 2020. While there are many legitimate uses for this software, adversaries are also finding ways to use them for command and control in their campaigns. There is no easy way to effectively...

Security Bulletin: Netcool Operations Insights 1.6.12 addresses multiple security vulnerabilities.

Summary Netcool Operations Insight v1.6.12 addresses multiple security vulnerabilities, listed in the CVEs below. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details ** CVEID: CVE-2022-25883 DESCRIPTION: **Node.js semver package is vulnerable to a...

China-linked Hackers Deploy New 'UNAPIMON' Malware for Stealthy Operations

A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar. "Earth Freybug is a cyberthreat group that has been active since at least 2012 that focuses on espionage and financially motivated activities," Trend Micro security...

VMware Fusion SEoL (7.0.x)

According to its version, VMware Fusion is 7.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

VMware Fusion SEoL (2.0.x)

According to its version, VMware Fusion is 2.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

VMware Fusion SEoL (4.0.x)

According to its version, VMware Fusion is 4.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

VMware Fusion SEoL (10.0.x)

According to its version, VMware Fusion is 10.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

Moderate Photon OS Security Update - PHSA-2024-3.0-0745

Updates of ['linux-esx', 'linux', 'linux-aws', 'linux-secure', 'linux-rt'] packages of Photon OS have been...

VMware Fusion SEoL (8.0.x)

According to its version, VMware Fusion is 8.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

VMware SD-WAN Edge and SD-WAN Orchestrator updates address multiple security vulnerabilities.

3a. Unauthenticated Command Injection vulnerability in SD-WAN Edge (CVE-2024-22246) VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. VMware has evaluated the severity of this issue to be in the Important severity range...

Important Photon OS Security Update - PHSA-2024-5.0-0237

Updates of ['tcpdump', 'linux-secure', 'linux-rt', 'linux'] packages of Photon OS have been...

VMware Fusion SEoL (3.0.x)

According to its version, VMware Fusion is 3.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

Important Photon OS Security Update - PHSA-2024-4.0-0588

Updates of ['linux-secure', 'linux-rt', 'linux', 'linux-aws'] packages of Photon OS have been...

VMware Fusion SEoL (1.0.x)

According to its version, VMware Fusion is 1.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

VMware Fusion SEoL (5.0.x)

According to its version, VMware Fusion is 5.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

VMware Fusion SEoL (12.0.x)

According to its version, VMware Fusion is 12.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

VMware Fusion SEoL (6.0.x)

According to its version, VMware Fusion is 6.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

VMware Fusion SEoL (11.0.x)

According to its version, VMware Fusion is 11.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

Security Bulletin: Vulnerability with OpenJDK, commons-compress and spring-web-5.3.27/spring-web-5.3.32 affect IBM Cloud Object Storage Systems (April 2024v1)

Summary Vulnerability with OpenJDK- [CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20945, CVE-2024-20932, CVE-2024-20919, CVE-2024-20926], commons-compress[ CVE-2024-25710, CVE-2024-26308] , spring-web-5.3.27 [CVE-2024-22243], spring-web-5.3.32[CVE-2024-22259]. This vulnerability has...

Important Photon OS Security Update - PHSA-2024-5.0-0236

Updates of ['ruby'] packages of Photon OS have been...

Important Photon OS Security Update - PHSA-2024-3.0-0744

Updates of ['linux-esx', 'linux', 'linux-aws', 'linux-secure', 'tcpdump', 'linux-rt'] packages of Photon OS have been...

Moderate Photon OS Security Update - PHSA-2024-4.0-0587

Updates of ['tcpdump'] packages of Photon OS have been...

Security Bulletin: Vulnerability in VMware Tanzu Spring Framework affects IBM Process Mining CVE-2023-34053

Summary There is a vulnerability in VMware Tanzu Spring Framework that could allow an remote attacker to cause a denial of service on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details **...

Agenda Ransomware Targets VMWare vCenter & ESXi Servers Globally

Summary: Agenda ransomware, also known as Qilin, active since 2022, targets global victims across industries. Their latest tactic leverages a custom script to infect VMWare environments, potentially crippling virtual machines and causing data loss. Organizations should be aware of this threat and.....

Important Photon OS Security Update - PHSA-2024-4.0-0586

Updates of ['python3-cryptography', 'nodejs', 'linux', 'linux-aws', 'linux-secure', 'linux-rt', 'bluez'] packages of Photon OS have been...

Stories from the SOC Part 1: IDAT Loader to BruteRatel

Rapid7’s Managed Detection and Response (MDR) team continuously monitors our customers' environments, identifying emerging threats and developing new detections. In August 2023, Rapid7 identified a new malware loader named the IDAT Loader. Malware loaders are a type of malicious software designed.....

CVE-2023-39309

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through...

CVE-2023-39309

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through...

CVE-2023-39309 WordPress Avada Builder plugin <= 3.11.1 - Auth. SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through...

Moderate Photon OS Security Update - PHSA-2024-5.0-0234

Updates of ['nss'] packages of Photon OS have been...

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.5.0 Vulnerability Details ** CVEID: CVE-2023-5764 DESCRIPTION: **Ansible could allow a local authenticated attacker to execute arbitrary code on the system, caused by a template injection flaw. By sending a...

CVE-2023-39311

Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through...

CVE-2023-39311

Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through...

CVE-2023-39311 WordPress Avada Builder plugin <= 3.11.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through...

CVE-2023-39306

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through...

CVE-2023-39306

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through...

CVE-2023-39306 WordPress Avada Builder plugin <= 3.11.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through...

Important Photon OS Security Update - PHSA-2024-3.0-0743

Updates of ['curl'] packages of Photon OS have been...

Important Photon OS Security Update - PHSA-2024-4.0-0584

Updates of ['linux', 'linux-aws', 'nss', 'linux-secure', 'linux-rt', 'file'] packages of Photon OS have been...

Important Photon OS Security Update - PHSA-2024-4.0-0585

Updates of ['curl'] packages of Photon OS have been...

Important Photon OS Security Update - PHSA-2024-5.0-0233

Updates of ['curl'] packages of Photon OS have been...

Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script

This blog entry discusses the Agenda ransomware group's use of its latest Rust variant to propagate to VMWare vCenter and ESXi...

VMware ESXi 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2022-0016)

The version of VMware ESXi installed on the remote host is prior to 6.7 P07, or 7.x prior to 7.0 Update 3e. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2022-0016 advisory: Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow...

Moderate Photon OS Security Update - PHSA-2024-5.0-0232

Updates of ['linux-secure', 'linux-rt', 'linux'] packages of Photon OS have been...

Important Photon OS Security Update - PHSA-2024-3.0-0742

Updates of ['linux-esx', 'linux', 'linux-aws', 'linux-secure', 'linux-rt'] packages of Photon OS have been...

Metasploit Framework 6.4 Released

Today, Metasploit is pleased to announce the release of Metasploit Framework 6.4. It has been just over a year since the release of version 6.3 and the team has added many new features and improvements since then. For news reporters, please reach out to [email protected]. Kerberos Improvements...