Threat Geek Blog

The latest news updates, threat research and industry insights from the pros at Fidelis.

Protocol-Vulnerabilities-threa-intel

Critical RCE and SLP Protocol Vulnerabilities in VMWare

On 23 February 2021, VMWare announced it patched multiple vulnerabilities in its VMWare vCenter and ESXi products. The vulnerabilities consisted of a critical unauthenticated remote code execution (RCE), server-side forgery request (SSRF), and a heap overflow vulnerability in OpenSLP protocol.

Read more