DigitalXRAID

VMware Workstation vulnerability and patching information

Threat Intelligence from DigitalXRAID’s Security Operations Centre analysts:

The DigitalXRAID Security Operations Centre Analysts have shared information with customers about an important security vulnerability found in the VMware Workstation, Fusion, and ESXi products. It is a heap overflow vulnerability that could result in arbitrary code execution. Is your business affected by this vulnerability?

Read more about the CVE detail: CVE-2021-22045 

The CVSS (Common Vulnerability Scoring System) severity score has been rated as 7.7. 

The vulnerability resides within the CD-ROM device emulation in VMware Workstation, Fusion, and ESXi. A threat actor who has access to a virtual machine could potentially use it to execute code on the hypervisor from that virtual machine and take control of affected systems.

The affected versions are listed below: 

  • ESXi 6.5 
  • ESXi 6.7 
  • ESXi 7.0 
  • Workstation 16.x 
  • Fusion 12.x 

Patches have been released for all of the above except VMware ESXi 7.0. It is recommended to install these patches as soon as possible. For ESXi 7.0, VMware recommends disabling all CD-ROM/DVD devices on virtual machines for the time being. This can be done by following the instructions below:

  • Log in to a vCenter Server system using the vSphere Web Client 
  • Right-click the virtual machine and click Edit Settings 
  • Select the CD/DVD drive and uncheck “Connected” and “Connect at power on” and remove any attached ISOs 
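
Where many virtual machines are involved, the same steps can be scripted. The following PowerCLI script is an added example, not code from DigitalXRAID or VMware; it assumes the VMware PowerCLI module is installed, and the vCenter name `vcenter.example.local` is a placeholder. It lists CD/DVD drives on VMs hosted by ESXi 7.0 that are still connected or backed by media, and disconnects them only when run with `-Remediate`.

```powershell
#Requires -Modules VMware.VimAutomation.Core
# Added example (not DigitalXRAID or VMware code). Assumes VMware PowerCLI is installed.
param(
    [string]$Server      = 'vcenter.example.local',  # placeholder vCenter name (assumption)
    [string]$HostVersion = '7.0*',                   # ESXi release still awaiting a patch
    [switch]$Remediate                               # without this switch the script only reports
)

Connect-VIServer -Server $Server | Out-Null

# Every CD/DVD drive on VMs hosted by matching ESXi hosts that is still connected,
# set to connect at power on, or backed by an ISO or host device.
$drives = Get-VMHost -Server $Server |
    Where-Object { $_.Version -like $HostVersion } |
    Get-VM |
    Get-CDDrive |
    Where-Object {
        $_.ConnectionState.Connected -or
        $_.ConnectionState.StartConnected -or
        $_.IsoPath -or $_.HostDevice
    }

# Report what was found so the change can be reviewed first.
$drives | Select-Object @{ n = 'VM'; e = { $_.Parent.Name } },
    @{ n = 'PowerState'; e = { $_.Parent.PowerState } },
    Name,
    @{ n = 'Connected'; e = { $_.ConnectionState.Connected } },
    @{ n = 'ConnectAtPowerOn'; e = { $_.ConnectionState.StartConnected } },
    IsoPath, HostDevice | Format-Table -AutoSize

if ($Remediate) {
    foreach ($cd in $drives) {
        # Equivalent of unchecking "Connect at power on" and removing attached ISOs.
        $settings = @{ CD = $cd; NoMedia = $true; StartConnected = $false; Confirm = $false }
        # "Connected" can only be changed while the VM is powered on.
        if ($cd.Parent.PowerState -eq 'PoweredOn') { $settings.Connected = $false }
        Set-CDDrive @settings | Out-Null
    }
}

Disconnect-VIServer -Server $Server -Confirm:$false
```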

If you believe you’re under attack or discover that you’ve suffered a breach and need help urgently, get in contact with us. You can call our emergency line on 0800 066 4509 to speak to one of our experts. They’re available 24 hours a day, 7 days a week. Bookmark this page in case you ever need us.  

If you need any support in mitigating any risks this vulnerability may pose to your business, please don’t hesitate to get in contact.
