VMWare issued security patches to close critical vulnerabilities in its hypervisor software including ESXi, Workstation and Fusion. The vulnerabilities, CVE-2020-4004 and CVE-2020-4005, could allow an attacker who compromises a virtual machine (VM) and has local administrator access to the guest VM to execute code as the VMX process on the host server, and then escalate their privileges after gaining access to VMX. VMWare also issued security updates for SD-WAN Orchestrator that close six vulnerabilities including SQL injection. Those vulnerabilities are not as critical as those targeting ESXi.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.