The Indian Computer Emergency Response Team (CERT-In) has issued alerts for users about multiple vulnerabilities being reported in the products of enterprise cloud services provider VMware. The bugs are found in VMware ESXi and Cloud Foundation.
Successful exploitation of these vulnerabilities could allow an attacker to gain access to sensitive information stored in physical memory about the hypervisor or other virtual machines that reside on the same ESXi host.
The cyber agency said, “These vulnerabilities exist in VMware ESXi and Cloud Foundation due to the Intel and AMD processors it utilises. An attacker with administrative access to a virtual machine could exploit these vulnerabilities by taking advantage of various side-channel CPU flaws.”
The other vulnerability named “Branch Type Confusion” can help attackers with administrative access to a virtual machine take advantage of various side-channel CPU flaws. The cyber agency has suggested users to apply appropriate updates as provided by the company.
The cyber agency also reported fresh bugs in Adobe Photoshop and Acrobat that could allow an attacker to execute arbitrary code and obtain sensitive information on the targeted system.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
