Cisco Blogs
Share

Vulnerability Spotlight: VMWare VNC Vulnerabilities

- December 19, 2017 - 1 Comment

Today, Talos is disclosing a pair of vulnerabilities in the VNC implementation used in VMWare’s products that could result in code execution. VMWare implements VNC for its remote management, remote access, and automation purposes in VMWare products including Workstation, Player, and ESXi which share a common VMW VNC code base. The vulnerabilities manifest themselves in a way that would allow an attacker to initiate of VNC session causing the vulnerabilities to be triggered. Talos has coordinated with VMWare to ensure the issue was disclosed responsibly and patched by the vendor. Additionally, Talos has developed Snort signatures that can detect attempts to exploit these vulnerabilities.

Read More >>

Tags:

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

1 Comments

    i posted this to Twitter to share with vmware folk