Cisco Blogs
Share

Vulnerability Spotlight: VMWare VNC Vulnerabilities

- December 19, 2017 - 1 Comment

Today, Talos is disclosing a pair of vulnerabilities in the VNC implementation used in VMWare’s products that could result in code execution. VMWare implements VNC for its remote management, remote access, and automation purposes in VMWare products including Workstation, Player, and ESXi which share a common VMW VNC code base. The vulnerabilities manifest themselves in a way that would allow an attacker to initiate of VNC session causing the vulnerabilities to be triggered. Talos has coordinated with VMWare to ensure the issue was disclosed responsibly and patched by the vendor. Additionally, Talos has developed Snort signatures that can detect attempts to exploit these vulnerabilities.

Read More >>

Tags:
Leave a comment

We'd love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed and HTML formatting will not appear.

1 Comments

    i posted this to Twitter to share with vmware folk

Share