Lucene search
+L

15 matches found

GithubExploit
GithubExploit
added 2025/01/10 6:0 p.m.240 views

Exploit for Out-of-bounds Write in Vmware Cloud_Foundation

CVE-2021-21974 PoC - VMware ESXi RCE Exploit Descrição Est...

8.8CVSS9.1AI score0.45063EPSS
Exploits7
Rapid7 Blog
Rapid7 Blog
added 2023/02/09 6:36 p.m.84 views

Nearly 19,000 ESXi Servers Still Vulnerable to CVE-2021-21974

Last week, multiple organizations issued warnings that a ransomware campaign dubbed “ESXiArgs” was targeting VMware ESXi servers, allegedly by leveraging CVE-2021-21974—a nearly two-year-old heap overflow vulnerability. Two years. And yet, Rapid7 research has found that a significant number of ES...

5.8CVSS0.7AI score0.45063EPSS
Exploits7
hivepro
hivepro
added 2023/02/09 6:52 a.m.179 views

The ESXiArgs ransomware attack is targeting VMware ESXi servers globally

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A global ransomware attack, known as ESXiArgs, is affecting servers using VMware ESXi hypervisors version 6.x prior to 6.7 due to a vulnerability CVE-2021-21974 caused by a heap overflow issue in the Ope...

5.8CVSS3.6AI score0.45063EPSS
Exploits7
Trellix
Trellix
added 2023/02/09 12:0 a.m.147 views

Global ESXiArgs ransomware attack on the back of a two-year-old vulnerability

Global ESXiArgs Ransomware Attack on the Back of a Two-Year-Old Vulnerability By John Fokker, Alfred Alvarado, Tim Hux, Jeffrey Sman, Joao Marques · February 09, 2023 Figure 1: Global Telemetry from Trellix ATLAS for Ips connecting to port 427 Introduction: Early this week, VMware issued a...

1.3AI score0.9957EPSS
Exploits54
Qualys Blog
Qualys Blog
added 2023/02/08 12:39 a.m.127 views

Ransomware Targets Outdated VMware ESXi Hypervisors: Protect Your Systems Now!

Updated on February 8, 2023 at 2:40 PM Pacific Standard Time: This article has been updated with EVALUATE Vendor-Suggested Mitigation with Policy Compliance PC Updated on February 7, 2023 at 9:05 PM Pacific Standard Time: This article has been updated with the latest information on the...

10CVSS1.4AI score0.83015EPSS
Exploits8
Wiz blog
Wiz blog
added 2023/02/07 12:26 p.m.44 views

Ransomware attacks targeting VMware ESXi servers: everything you need to know

Recent attacks leverage CVE-2021-21974 to install ransomware on VMWare ESXi servers. Security teams are advised to patch and stay vigilant for indicators of compromise...

8.8CVSS6.9AI score0.45063EPSS
Exploits7
Rapid7 Blog
Rapid7 Blog
added 2023/02/06 3:0 p.m.87 views

Ransomware Campaign Compromising VMware ESXi Servers

On February 3, 2023, French web hosting provider OVH and French CERT issued warnings about a ransomware campaign that was targeting VMware ESXi servers worldwide with a new ransomware strain dubbed “ESXiArgs.” The campaign appears to be leveraging CVE-2021-21974, a nearly two-year-old heap overfl...

5.8CVSS9AI score0.45063EPSS
Exploits7
The Hacker News
The Hacker News
added 2023/02/04 5:30 a.m.105 views

New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers

VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised systems. "These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021," the Computer Emergency Response Team CERT of France said i...

8.8CVSS2.5AI score0.45063EPSS
Exploits7
0day.today
0day.today
added 2021/06/03 12:0 a.m.404 views

VMware ESXi OpenSLP Heap Overflow Exploit

Proof of concept exploit for the OpenSLP heap overflow in VMware ESXi versions 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, and 6.5 before ESXi650-202102101-SG. !/usr/bin/python3 CVE-2021-21974 PoC Exploit By: Johnny Yu @staightblast Tested against: 1 VMware ESXi 6.7.0...

8.8CVSS9.2AI score0.45063EPSS
Exploits7
Packet Storm
Packet Storm
added 2021/06/03 12:0 a.m.405 views

VMware ESXi OpenSLP Heap Overflow

!/usr/bin/python3 CVE-2021-21974 PoC Exploit By: Johnny Yu @staightblast Tested against: 1 VMware ESXi 6.7.0 build-14320388 ; VMware ESXi 6.7.0 Update 3 2 VMware ESXi 6.7.0 build-16316930 ; VMware ESXi 6.7.0 Update 3 import sys import time import trace import queue import struct import socket...

5.8CVSS0.4AI score0.45063EPSS
Exploits7
seebug.org
seebug.org
added 2021/05/25 12:0 a.m.740 views

ESXi OpenSLP堆溢出漏洞(CVE-2021-21974)

My RCE PoC walkthrough for CVE-2021–21974 VMware ESXi OpenSLP heap-overflow vulnerability Introduction During a recent engagement, I discovered a machine that is running VMware ESXi 6.7.0. Upon inspecting any known vulnerabilities associated with this version of the software, I identified it may ...

10CVSS9.8AI score0.83015EPSS
Exploits8
Cvelist
Cvelist
added 2021/02/24 4:57 p.m.34 views

CVE-2021-21974

OpenSLP as used in ESXi 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue i...

9.1AI score0.45063EPSS
Exploits7References3
CVE
CVE
added 2021/02/24 4:57 p.m.808 views

CVE-2021-21974

CVE-2021-21974 is a heap-based overflow in VMware ESXi’s OpenSLP service that can enable remote code execution when an attacker on the same network segment can reach port 427. Affected releases include ESXi 7.x (before ESXi70U1c-17325551), ESXi 6.7 (before 202102401-SG), and ES6.5 (before 2021021...

8.8CVSS8.9AI score0.45063EPSS
In wildExploits7References3Affected Software1
Circl
Circl
added 2021/02/24 10:28 a.m.59 views

CVE-2021-21974

creationtimestamp| type| source ---|---|--- 2021-02-24 10:28:10+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuuksia-vmwaren-tuotteissa-paivita-heti 2021-02-24 20:36:56+00:00| seen| https://t.me/cibsecurity/24086 2021-03-06 08:43:32+00:00| published-proof-of-concept|...

8.8CVSS8.2AI score0.45063EPSS
Exploits7References32
The Hacker News
The Hacker News
added 2021/02/24 7:54 a.m.1891 views

Critical RCE Flaws Affect VMware ESXi and vSphere Client — Patch Now

VMware has addressed multiple critical remote code execution RCE vulnerabilities in VMware ESXi and vSphere Client virtual infrastructure management platform that may allow attackers to execute arbitrary commands and take control of affected systems. "A malicious actor with network access to port...

10CVSS1AI score0.99999EPSS
Exploits103
Rows per page
Query Builder