Tuesday, May 28, 2024

Critical VMware Cloud Director Bug Let Hackers Complete Take Over the Corporate Server Infrastructure

Recently, a group of security researchers at Citadelo has revealed a new vulnerability in VMware Cloud Director, a leading cloud service-delivery platform that could potentially allow an attacker to access sensitive data and control private clouds within the infrastructure.

The security researchers have marked the flaw as ‘CVE-2020-3956‘, even they have also claimed that the flaw is a classic code injection that results in malicious injection or introduction of code.

This security flaw could be abused by the attackers to send malicious traffic to the Cloud Director, ultimately leading to the execution of arbitrary code, as we hinted earlier. 

Moreover, this security flaw was rated 8.8 out of 10 on the CVSSV3 vulnerability severity scale, making it a dangerous flaw unveiled by the security researchers.

VMware Cloud Director is a popular distribution platform that is used to manage and organize resources in the cloud, allowing firms to access data centers distributed in different geo-locations.

In short, the hackers can use this vulnerability to execute code execution attacks and technically take over all private clouds linked to the provided infrastructure.

The security company, Citadelo discovered this vulnerability on April 1, after conducting a security audit for a customer.

But, this tool is used by several companies around the world, and the urgency to solve the problem was introduced. 

This security flaw affects the VMware Cloud Director in versions 10.1.0 and earlier, as well as vCloud Director 8x – 10x in Linux configurations and PhotonOS devices. Apart from this, this flaw could be exploited through HTML5, Flex-based UIs, the API Explorer interface, and API access.

Who is affected?

  • Public cloud providers using VMware vCloud Director.
  • Private cloud providers using VMware vCloud Director
  • Enterprises using VMware vCloud Director technology
  • Any government identity using VMware Cloud Director.


This security flaw allows the attackers to do the following things that we have mentioned below:-

  • Allow viewing all the crucial contents of the system’s internal database.
  • Allow modifying the system database to access the virtual machines (VMs) assigned to different organizations.
  • Allow escalating the privileges from Organization Administrator to System Administrator with access to all cloud accounts.
  • Allow changing the Cloud Director login page.
  • Allow accessing other sensitive data like the customers’ full names, email addresses, and IP addresses.

By using the code injection vulnerabilities, attackers can view the confidential data of internal databases, like the password hashes that are given to the customers of the information system.

However, after these discoveries, the security researchers have directly communicated their results to VMware, and the company quickly responded to fix the security holes in a series of updates in versions ‘,’ ‘,’ ‘,’ and ‘10.0. 0.2.’

So, the organizations that have not yet applied this fix are still vulnerable to this flaw.

So, what do you think about this? Share all your views and thoughts in the comment section below.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read:

SaltStack Salt Critical Bug Affects Thousands of Datacenters and Cloud Environments

Cloud Computing Penetration Testing Checklist & Important Considerations

How to Choose a Cloud Services Provider With Best Security considerations


Latest articles

Researchers Exploited Nexus Repository Using Directory Traversal Vulnerability

Hackers target and exploit GitHub repositories for a multitude of reasons and illicit purposes.The...

DDNS Service In Fortinet Or QNAP Embedded Devices Exposes Sensitive Data, Researchers Warn

Hackers employ DNS for various purposes like redirecting traffic to enable man-in-the-middle attacks, infecting...

PoC Exploit Released For macOS Privilege Escalation Vulnerability

A new vulnerability has been discovered in macOS Sonoma that is associated with privilege...

CatDDoS Exploiting 80+ Vulnerabilities, Attacking 300+ Targets Daily

Malicious traffic floods targeted systems, servers, or networks in Distributed Denial of Service (DDoS)...

GNOME Remote Desktop Vulnerability Let Attackers Read Login Credentials

GNOME desktop manager was equipped with a new feature which allowed remote users to...

Kesakode: A Remote Hash Lookup Service To Identify Malware Samples

Today marks a significant milestone for Malcat users with the release of version 0.9.6,...

Cisco Firepower Vulnerability Let Attackers Launch SQL Injection Attacks

 A critical vulnerability has been identified in Cisco Firepower Management Center (FMC) Software's web-based...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles