Home » News » Tech » Indian Cyber Agency Warns About Multiple Bugs in VMware Products
1-MIN READ

Indian Cyber Agency Warns About Multiple Bugs in VMware Products

IANS

Last Updated: July 19, 2022, 16:57 IST

New Delhi, India

The Indian Computer Emergency Response Team (CERT-In) has issued fresh alerts for users, this time about multiple vulnerabilities being reported in the products of enterprise cloud services provider VMware. (Image: IANS)

The Indian Computer Emergency Response Team (CERT-In) has issued fresh alerts for users, this time about multiple vulnerabilities being reported in the products of enterprise cloud services provider VMware. (Image: IANS)

CERT-In found bugs in VMware ESXi and Cloud Foundation, which could be exploited by an attacker to gain access to sensitive information.

The Indian Computer Emergency Response Team (CERT-In) has issued fresh alerts for users, this time about multiple vulnerabilities being reported in the products of enterprise cloud services provider VMware.

CERT-In found bugs in VMware ESXi and Cloud Foundation, which could be exploited by an attacker to gain access to sensitive information.

“These vulnerabilities exist in VMware ESXi and Cloud Foundation due to the Intel and AMD processors it utilises. An attacker with administrative access to a virtual machine could exploit these vulnerabilities by taking advantage of various side-channel CPU flaws," the cyber agency warned.

Watch video:Nothing Phone (1) Detailed Review: What’s Cool And What’s Not

RELATED NEWS

Successful exploitation of these vulnerabilities could allow an attacker to gain access to sensitive information stored in physical memory about the hypervisor or other virtual machines that reside on the same ESXi host, it added.

The other ‘Branch Type Confusion’ vulnerability can help attacker with administrative access to a virtual machine take advantage of various side-channel CPU flaws.

The cyber agency has suggested users to apply appropriate updates as provided by the company.

In May, chip and software maker Broadcom announced to acquire VMware in a cash-and-stock deal valued at $61 billion.

CERT-In also reported fresh bugs in Adobe Photoshop and Acrobat that could allow an attacker to execute arbitrary code and obtain sensitive information on the targeted system.

“These vulnerabilities exist in Adobe Photoshop due to access to an uninitialized pointer and use-after-free error. An attacker could exploit these vulnerabilities by persuading a victim to open a specially-crafted document on the targeted system," said the cyber agency.

Read all the Latest News, Breaking News, watch Top Videos and Live TV here.

first published:July 19, 2022, 16:57 IST
last updated:July 19, 2022, 16:57 IST