5 min read
I (don't) like to MOVEit MOVEit
PacketWatch was made aware this morning of a critical vulnerability being actively exploited with a file transfer software MOVEit, from the company...
1 min read
The PacketWatch Intelligence Team
:
Mar 10, 2023 12:00:00 AM
The Cybersecurity and Infrastructure Security Agency (CISA) has added another VMware vulnerability (CVE-2021-39144) to their growing list of vulnerabilities that they have observed threat actors exploiting in the wild. Exploitation only requires network access to the NSX-v Manager appliance, and successful exploitation will give root privileges (full control) of the NSX-v Manager. This exploit is lower complexity with available POC code, and vulnerable systems only need to be network accessible to any compromised machines, or web accessible, with no additional requirements such as valid credentials.
All versions of VMware NSX Data Center for vSphere (NSX-v) Manager 6.4.14 are affected by the vulnerability. Because these are observed being actively exploited, it is important to ensure that relevant VMware products are fully patched. Additional information is available in the VMware article linked below. Proof of concept (POC) code is currently available, giving both security professionals and threat actors easy methods to find vulnerable systems. The NIST link below has references to available exploit code.
Disclaimer
The information provided in this article is provided “as-is.” It is not finally evaluated intelligence and should be considered raw information that is provided for strictly situational awareness, given what is known at this time.
5 min read
PacketWatch was made aware this morning of a critical vulnerability being actively exploited with a file transfer software MOVEit, from the company...
3 min read
Bottom Line Up Front (BLUF) Cropped screenshots on affected software leave behind image data that can be recovered, potentially revealing uncropped...
3 min read
Read our latest Enterprise Threat Intelligence Briefing on the Microsoft Outlook Elevation of Privilege Vulnerability, compiled by Kyle Nordby and ...