CVE-2021-21974

high

Description

OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution.

References

https://www.zerodayinitiative.com/advisories/ZDI-21-250/

https://blogs.blackberry.com/en/2023/02/esxiargs-ransomware-knocking-out-unpatched-vmware-esxi-linux-servers-worldwide

https://www.tenable.com/blog/cve-2021-21972-vmware-vcenter-server-remote-code-execution-vulnerability

https://www.vmware.com/security/advisories/VMSA-2021-0002.html

http://packetstormsecurity.com/files/162957/VMware-ESXi-OpenSLP-Heap-Overflow.html

Details

Source: Mitre, NVD

Published: 2021-02-24

Updated: 2024-11-21

Named Vulnerability: ESXiArgs

Risk Information

CVSS v2

Base Score: 5.8

Vector: CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.59901