Critical Alert: Hackers Actively Targeting VMware and Kemp Security Holes

Critical Alert: Hackers Actively Targeting VMware and Kemp Security Holes

Critical Security Vulnerabilities Under Active Exploitation

Key Vulnerabilities:

1. Progress Kemp LoadMaster (CVE-2024-1212)

– Maximum severity score (CVSS 10.0)

– Allows unauthorized remote attackers to execute system commands

– Patched in February 2024

– Currently being actively exploited

2. VMware vCenter Server Flaws

– CVE-2024-38812 (CVSS 9.8): Heap-overflow vulnerability enabling remote code execution

– CVE-2024-38813 (CVSS 7.5): Privilege escalation vulnerability

– Both demonstrated at Matrix Cup competition in China

– Active exploitation confirmed by Broadcom

Important Actions:

– CISA added these vulnerabilities to Known Exploited Vulnerabilities (KEV) catalog

– Federal agencies must patch:

* LoadMaster vulnerability by December 9, 2024

* VMware vulnerabilities by December 11, 2024

Additional Context:

– SonicWall reported exploitation attempts against LoadMaster vulnerability

– Related development: Cybercriminals actively exploiting Veeam Backup & Replication vulnerability (CVE-2024-40711) to deploy “Frag” ransomware

Share This Article