Zero-day exploit broker Zerodium is looking for 0day exploits for the VMware vCenter Server
Zero-day exploit broker Zerodium announced it is looking for zero-day exploits for VMware vCenter Server. vCenter Server is the centralized management utility for VMware, and is used to manage virtual machines, multiple ESXi hosts, and all dependent components from a single centralized location. The company will pay up to $100,000 for zero-days in vCenter Server.
“We are looking for pre-authentication exploits affecting recent versions of vCenter Server. The exploit should allow remote code execution, work with default installations and default ports/services, and should not require any authentication or user interaction.” reads the announcement published by the zero-day broker.
New target added to our temporary #0day bounties:
– [$100,000] VMWare vCenter Server Pre-Auth RCE
More details at: https://t.co/VL04uBvgUj
— Zerodium (@Zerodium) July 14, 2021
Zerodium resells the exploits to its customers that include law enforcement bodies and intelligence agencies that could use them in their investigations.
The announcement is temporary likely because it comes after a request from some of its customers.
The company is searching for pre-authentication exploits that could lead to remote code execution on default installations, without user interaction.
Other temporary acquisitions run by Zerodium include Moodle and IM client tool Pidgin RCEs.
Follow me on Twitter: @securityaffairs and Facebook
(SecurityAffairs – hacking, Zerodium zero-day exploit broker)
Share On
Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at “Cyber Defense Magazine”, Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog “Security Affairs” recently named a Top National Security Resource for US. Pierluigi is a member of the “The Hacker News” team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books “The Deep Dark Web” and “Digital Virtual Currency and Bitcoin”.
Zero-day exploit broker Zerodium is looking for 0day exploits for the VMware vCenter Server
Zero-day exploit broker Zerodium announced it is looking for zero-day exploits for VMware vCenter Server. vCenter Server is the centralized management utility for VMware, and is used to manage virtual machines, multiple ESXi hosts, and all dependent components from a single centralized location. The company will pay up to $100,000 for zero-days in vCenter Server.
“We are looking for pre-authentication exploits affecting recent versions of vCenter Server. The exploit should allow remote code execution, work with default installations and default ports/services, and should not require any authentication or user interaction.” reads the announcement published by the zero-day broker.
New target added to our temporary #0day bounties:
– [$100,000] VMWare vCenter Server Pre-Auth RCE
More details at: https://t.co/VL04uBvgUj
— Zerodium (@Zerodium) July 14, 2021
Zerodium resells the exploits to its customers that include law enforcement bodies and intelligence agencies that could use them in their investigations.
The announcement is temporary likely because it comes after a request from some of its customers.
The company is searching for pre-authentication exploits that could lead to remote code execution on default installations, without user interaction.
Other temporary acquisitions run by Zerodium include Moodle and IM client tool Pidgin RCEs.
Follow me on Twitter: @securityaffairs and Facebook
(SecurityAffairs – hacking, Zerodium zero-day exploit broker)