Thursday, March 28, 2024

Critical VMware Cloud Director Bug Let Hackers Complete Take Over the Corporate Server Infrastructure

Recently, a group of security researchers at Citadelo has revealed a new vulnerability in VMware Cloud Director, a leading cloud service-delivery platform that could potentially allow an attacker to access sensitive data and control private clouds within the infrastructure.

The security researchers have marked the flaw as ‘CVE-2020-3956‘, even they have also claimed that the flaw is a classic code injection that results in malicious injection or introduction of code.

This security flaw could be abused by the attackers to send malicious traffic to the Cloud Director, ultimately leading to the execution of arbitrary code, as we hinted earlier. 

Moreover, this security flaw was rated 8.8 out of 10 on the CVSSV3 vulnerability severity scale, making it a dangerous flaw unveiled by the security researchers.

VMware Cloud Director is a popular distribution platform that is used to manage and organize resources in the cloud, allowing firms to access data centers distributed in different geo-locations.

In short, the hackers can use this vulnerability to execute code execution attacks and technically take over all private clouds linked to the provided infrastructure.

The security company, Citadelo discovered this vulnerability on April 1, after conducting a security audit for a customer.

But, this tool is used by several companies around the world, and the urgency to solve the problem was introduced. 

This security flaw affects the VMware Cloud Director in versions 10.1.0 and earlier, as well as vCloud Director 8x – 10x in Linux configurations and PhotonOS devices. Apart from this, this flaw could be exploited through HTML5, Flex-based UIs, the API Explorer interface, and API access.

Who is affected?

  • Public cloud providers using VMware vCloud Director.
  • Private cloud providers using VMware vCloud Director
  • Enterprises using VMware vCloud Director technology
  • Any government identity using VMware Cloud Director.

Exploitation

This security flaw allows the attackers to do the following things that we have mentioned below:-

  • Allow viewing all the crucial contents of the system’s internal database.
  • Allow modifying the system database to access the virtual machines (VMs) assigned to different organizations.
  • Allow escalating the privileges from Organization Administrator to System Administrator with access to all cloud accounts.
  • Allow changing the Cloud Director login page.
  • Allow accessing other sensitive data like the customers’ full names, email addresses, and IP addresses.

By using the code injection vulnerabilities, attackers can view the confidential data of internal databases, like the password hashes that are given to the customers of the information system.

However, after these discoveries, the security researchers have directly communicated their results to VMware, and the company quickly responded to fix the security holes in a series of updates in versions ‘9.1.0.4,’ ‘9.5.0.6,’ ‘9.7.0.5,’ and ‘10.0. 0.2.’

So, the organizations that have not yet applied this fix are still vulnerable to this flaw.

So, what do you think about this? Share all your views and thoughts in the comment section below.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Also Read:

SaltStack Salt Critical Bug Affects Thousands of Datacenters and Cloud Environments

Cloud Computing Penetration Testing Checklist & Important Considerations

How to Choose a Cloud Services Provider With Best Security considerations

Website

Latest articles

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...

CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft...

Microsoft Expands Edge Bounty Program to Include WebView2!

Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included...

Beware of Free Android VPN Apps that Turn Your Device into Proxies

Cybersecurity experts have uncovered a cluster of Android VPN applications that covertly transform user...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles