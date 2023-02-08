Large amount of VMware ESXi servers need urgent patching

By on
Large amount of VMware ESXi servers need urgent patching

Cybersecurity firm Wiz has published research which shows that at least 12 per cent of servers running VMware ESXi hypervisor are unpatched against a two-year-old vulnerability that is now being exploited in a widespread ransomware attack.

[Related: Patching Urged For ‘Critical’ VMware vRealize Vulnerabilities]

“Attacks utilising this vulnerability to install ransomware have been discovered worldwide, though mostly in Europe,” Wiz said.

The US and Canada continue to rank second and fourth, respectively, in terms of countries hardest hit by the ESXiArgs ransomware campaign, with hundreds of servers compromised by the ransomware criminals.

Targets are “primarily” VMware ESXi servers that run versions of the hypervisor prior to 7.0 U3i, “which are accessible through the OpenSLP port 427.”

First disclosed in 2021 and tracked at CVE-2021-21974, the vulnerability specifically affects the OpenSLP service in older versions of ESXi, and can be exploited to enable remote execution of code.

VMware noted that there’s a correlation between the cyberattacks and servers that are either at end-of-support or “significantly out-of-date.”

The OpenSLP service was disabled in ESXi in 2021 starting with ESXi 7.0 U2c and ESXi 8.0 GA, VMware said.

The company said Monday that it’s “advising customers to upgrade to the latest available supported releases of vSphere components to address currently known vulnerabilities,” and that it also continues to recommend that customers disable the OpenSLP service in ESXi.

“VMware has not found evidence that suggests an unknown vulnerability (0-day) is being used to propagate the ransomware used in these recent attacks,” the company said.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © 2018 The Channel Company, LLC. All rights reserved.
Tags:
esxi esxiargs finance security vmware wiz

Partner Content

Boosting educational equity through flexible architecture
Boosting educational equity through flexible architecture
Dialpad AI mines call centres for unprecedented insights
Dialpad AI mines call centres for unprecedented insights
Proactive defence in the cloud security challenge
Proactive defence in the cloud security challenge
In the low-latency cloud era, connectivity makes all the difference
In the low-latency cloud era, connectivity makes all the difference
Digital solutions fuel productivity, creativity in 'new age' of work
Digital solutions fuel productivity, creativity in 'new age' of work

Sponsored Whitepapers

Wasabi Focuses On Just One Thing: Providing the Best Cloud Storage Solution in the World
Wasabi Focuses On Just One Thing: Providing the Best Cloud Storage Solution in the World
How vulnerability scans identify & protect against cyberthreats before criminals locate them
How vulnerability scans identify & protect against cyberthreats before criminals locate them
Monitoring & automation: A primer for MSPs
Monitoring & automation: A primer for MSPs
Endpoint Detection and Response
Endpoint Detection and Response
How to put your infrastructure into overdrive
How to put your infrastructure into overdrive

Most Read Articles

Citrix launches simplified partner program

Citrix launches simplified partner program
Why Dicker Data is making sustainability a "major focus"

Why Dicker Data is making sustainability a "major focus"
A deep dive into Dell&#8217;s 2023 partner program refresh

A deep dive into Dell’s 2023 partner program refresh
Fortinet names 2022 Aussie partner award winners

Fortinet names 2022 Aussie partner award winners

Log In

Email:
Password:
  |  Forgot your password?