Science & Technology

Indian cyber agency warns about multiple bugs in VMware products

CERT-In found bugs in VMware ESXi and Cloud Foundation, which could be exploited by an attacker to gain access to sensitive information.

Sentinel Digital Desk

The Indian Computer Emergency Response Team (CERT-In) has issued fresh alerts for users, this time about multiple vulnerabilities being reported in the products of enterprise cloud services provider VMware.

CERT-In found bugs in VMware ESXi and Cloud Foundation, which could be exploited by an attacker to gain access to sensitive information.

"These vulnerabilities exist in VMware ESXi and Cloud Foundation due to the Intel and AMD processors it utilises. An attacker with administrative access to a virtual machine could exploit these vulnerabilities by taking advantage of various side-channel CPU flaws," the cyber agency warned.

Successful exploitation of these vulnerabilities could allow an attacker to gain access to sensitive information stored in physical memory about the hypervisor or other virtual machines that reside on the same ESXi host, it added. The other 'Branch Type Confusion' vulnerability can help attacker with administrative access to a virtual machine take advantage of various side-channel CPU flaws.

The cyber agency has suggested users to apply appropriate updates as provided by the company. (IANS)

Also Watch: