VMware has patched authentication and denial of service vulnerabilities (CVE-2021-21994, CVE-2021-21995) that impact VMware ESXi and Cloud Foundation products.
An attacker could exploit this vulnerability and take control of an unpatched system.
For the first issue, SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability CVE-2021-21994.
“A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request,” VMware stated in the advisory.
The vulnerability has a CVSSv3 base score of 7.0 and is High severity.
For the second issue, OpenSLP as used in ESXi has a denial-of-service vulnerability due to a heap out-of-bounds read issue CVE-2021-21995.
“A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-service condition,” VMware noted in the advisory.
The vulnerability has a CVSSv3 base score of 5.3 and is also rated Moderate severity.
VMware has provided patches and workarounds to address these vulnerabilities in impacted VMware products.