Top Middle East Cyber Threat – 14 April 2020
At Help AG, our Managed Security Services (MSS) team offers 24x7x365 monitoring of complex IT security infrastructures to some of the largest enterprises in the region. As a result, we have our eyes keenly fixed on the cybersecurity threat landscape and are among the first in the region to learn and act upon new threats.
In this blog, we share the top cybersecurity threat our MSS team has recently come across. So, read on to learn about what you need to look out for in the weeks ahead:
VMware Critical Information Disclosure Flaw – CVE-2020-3952
A critical information disclosure flaw, tracked as CVE-2020-3952 was recently addressed by VMware. An attacker could exploit this sensitive information disclosure vulnerability in the VMware Directory Service (vmdir) to take control of an affected system.
According to VMware, the vulnerability could be exploited explicitly on vCenter Server that were upgraded from the previous version. Clean installs of vCenter Server 6.7 (embedded or eternal PSC) are not affected.
The CVE-2020-3952 vulnerability has received a CVSSv3 score of 10, it resides in the vCenter Server version 6.7 on Windows and Virtual Appliances. VMware administrators can decide whether they are affected by searching for vmdir entries in the logs in light of the fact that a log entry is made when the vmdir service starts stating that legacy ACL mode is enabled.
Recommendations
- The vulnerability has been addressed by VMware with the release of the 6.7u3f update. Help AG encourages users and administrators to review VMware Security Advisory VMSA-2020-0006 and apply the necessary updates at the earliest.
- Help AG also recommends referring to VMware article KB78543 which details steps to determine whether or not a particular deployment is affected by CVE-2020-3952.
References
