CVE-2020-3956 RCE Vulnerability Detected In VMware Cloud Director

VMware Cloud Director is one of the leading cloud service delivery platforms which are used by many cloud providers to manage cloud service businesses. But recently a vulnerability is detected in this cloud service platform which is termed as CVE-2020-3956. This vulnerability is serious because it allows attackers to collect sensitive data saved on cloud platform and misuse them in different ways. It is a remote code execution (RCE) loophole that allows cyber criminals to execute several unsafe activities. According to security report, CVE-2020-3956 provides chance to cyber crooks to inject malicious code that allows them to send unsafe web traffic to the Cloud Director.

The vulnerability was first spotted by Tomáš Melicher and Lukáš Václavík couples of week ago. According to the researchers, CVE-2020-3956 RCE vulnerability can affect VMware Cloud Director 9.5.x, 9.7.x, 10.0.x on Linux as well as Photon OS. However, researcher also claims that Versions 8.x, 9.0.x and 10.1.0 are still not affected by this remote code execution loophole. According to company, VMware had detected a vulnerability in this month which is known as CVE-2020-3952 that may help attackers to compromise server of vCenter as well as other services that utilize Directory Service for authentication.

How Attackers Exploit CVE-2020-3956 Vulnerability?

According to official advisory of company, CVE-2020-3956 RCE vulnerability is a result of issue which is not handled by VMware Cloud Director properly which leads to code injection loophole. VMware has analyzed the severity of this vulnerability and marked it as severe with a base 8.8 CVSSv3. As mentioned above, the security flaw is exploited by cyber crooks who can utilize it to send lots of malicious traffic to the VMware Cloud director. This malicious action can also result in arbitrary code execution. Cyber criminals can exploit this dangerous flaw via HTML5 as well as Flex-based user interface that also allow API access to them.

As per the security report, arbitrary code execution is used to describe the ability of cyber attackers to execute arbitrary code or command against a targeted machine or in the process running on it. It means CVE-2020-3956 flaw can allow crooks to inject malicious code in a system or its process that uses VMware Cloud Director platform. It is really dangerous because attackers can inject such codes that help them to collect personal data, delete important file or utilize the system to execute illegal activities.

How To Address CVE-2020-3956 Vulnerability?

CVE-2020-3956 RCE vulnerability detected in VMware Cloud Director is really dangerous and it should be fixed soon. Few days before, users of this cloud based service platform were much tensed because of its flaw. They were looking for different ways to fix this vulnerability and some of them were even looking for other provider. However there is no need to worry because company addressed the vulnerability. So if you are also user of VMware Cloud Director and want to fix the CVE-2020-3956 remote code execution flaw, you just have to download patches provided by company and apply them.

Leave a Reply

Your email address will not be published. Required fields are marked *