Rewterz Threat Advisory – CVE-2020-3952 – VMWare vCenter Server Information Disclosure vulnerability

Rewterz Official Statement on the Reported Data Breach of 115M Pakistani Mobile Users

April 11, 2020

Rewterz Threat Alert – New Ursnif Campaign: A Shift from PowerShell to Mshta

April 13, 2020

Rewterz Threat Advisory – CVE-2020-3952 – VMWare vCenter Server Information Disclosure vulnerability

Severity

High

Analysis Summary

Under certain conditions vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls. A malicious actor with network access to an affected vmdir deployment may be able to extract highly sensitive information which could be used to compromise vCenter Server or other services which are dependent upon vmdir for authentication.

Impact

Information disclosure

Affected Vendors

VMWare

Affected Products

vCenter Server 6.7 (embedded or external PSC) prior to 6.7u3f

Remediation

Update to fixed version.

https://my.vmware.com/web/vmware/details?productId=742&rPId=44888&downloadGroup=VC67U3F

Rewterz Official Statement on the Reported Data Breach of 115M Pakistani Mobile Users

Rewterz Threat Alert – New Ursnif Campaign: A Shift from PowerShell to Mshta

Rewterz Threat Advisory – CVE-2020-3952 – VMWare vCenter Server Information Disclosure vulnerability

Severity

Analysis Summary

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan