Original release date: September 24, 2021
On September 21, 2021, VMware disclosed that its vCenter Server is affected by an arbitrary file upload vulnerability—CVE-2021-22005—in the Analytics service. A malicious cyber actor with network access to port 443 can exploit this vulnerability to execute code on vCenter Server.
On September 24, 2021, VMware confirmed reports that CVE-2021-22005 is being exploited in the wild. Security researchers are also reporting mass scanning for vulnerable vCenter Servers and publicly available exploit code. Due to the availability of exploit code, CISA expects widespread exploitation of this vulnerability.
To mitigate CVE-2021-22005, CISA strongly urges critical infrastructure entities and other organizations with affected vCenter Server versions to take the following actions.
This product is provided subject to this Notification and this Privacy & Use policy.
Today, CISA issued Emergency Directive ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices…
CISA is releasing this Alert to provide guidance in response to a widespread software supply…
Today, CISA released a cybersecurity advisory detailing lessons learned from an incident response engagement following…
SonicWall released a security advisory to assist their customers with protecting systems impacted by the…
CISA released nine Industrial Control Systems (ICS) advisories on September 18, 2025. These advisories provide…
Today, CISA released a Malware Analysis Report detailing the functionality of two sets of malware…
This website uses cookies.