{"id":41364,"date":"2021-06-15T14:29:14","date_gmt":"2021-06-15T14:29:14","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/32377\/Critical-Remote-Code-Execution-Flaw-In-Thousands-Of-VMWare-vCenter-Servers-Remains-Unpatched.html"},"modified":"2021-06-15T14:29:14","modified_gmt":"2021-06-15T14:29:14","slug":"critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/","title":{"rendered":"Critical Remote Code Execution Flaw In Thousands Of VMWare vCenter Servers Remains Unpatched"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.zdnet.com\/a\/hub\/i\/r\/2021\/06\/09\/f0d855e4-b54a-43db-96d0-673268c39e8f\/thumbnail\/770x578\/7c61205de543fc9cf00fda3cd1b4a971\/vmware.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Researchers have warned that thousands of internet-facing VMWare vCenter servers still harbor critical vulnerabilities weeks after patches were released.&nbsp; <\/p>\n<p>The vulnerabilities impact VMWare vCenter Server, a centralized management utility.&nbsp; <\/p>\n<p>VMWare issued patches for two critical bugs, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-21985\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">CVE-2021-21985<\/a> and <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-21986\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">CVE-2021-21986<\/a>, on May 25.&nbsp; <\/p>\n<p>The first security flaw, CVE-2021-21985, impacts VMware vCenter Server and VMware Cloud Foundation and has been issued a CVSS score of 9.8. This bug was found in a vSAN plugin, enabled by default in the application, that allows attackers to execute remote code execution (RCE) if they have access to port 443. <\/p>\n<p>VMWare said <a href=\"https:\/\/www.vmware.com\/security\/advisories\/VMSA-2021-0010.html\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">in a security advisory<\/a> that this severe bug can be exploited so threat actors can access &#8220;the underlying operating system that hosts vCenter Server&#8221; with &#8220;unrestricted privileges.&#8221; <\/p>\n<p>The bug impacts vCenter Server 6.5, 6.7, and v.7.0, alongside Cloud Foundation vCenter Server 3.x and 4.x. <\/p>\n<p>The second vulnerability, CVE-2021-21986, is present in the vSphere Client (HTML5) and the vSphere authentication mechanism for a variety of plugins: Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability.&nbsp; <\/p>\n<section class=\"sharethrough-top\" data-component=\"medusaContentRecommendation\" data-medusa-content-recommendation-options=\"{&quot;promo&quot;:&quot;promo_zd_recommendation_sharethrough_top_in_article_desktop&quot;,&quot;spot&quot;:&quot;dfp-in-article&quot;}\"> <\/section>\n<p>Considered less critical with a CVSS score of 6.5, this flaw still permits attackers with access to port 443 to &#8220;perform actions allowed by the impacted plug-ins without authentication.&#8221; <\/p>\n<p>It appears that thousands of internet-facing servers are still exposed and vulnerable to both CVE-2021-21985 and CVE-2021-21986.&nbsp; <\/p>\n<p>On Tuesday, researchers from Trustwave SpiderLabs said <a href=\"https:\/\/www.trustwave.com\/en-us\/resources\/blogs\/spiderlabs-blog\/thousands-of-vulnerable-vmware-vcenter-servers-still-publicly-exposed-cve-2021-21985-cve-2021-21986\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">an analysis<\/a> of VMWare vCenter servers revealed 5,271 instances of VMWare vCenter servers that are available online, the majority of which are running versions 6.7, 6.5, and 7.0, with port 443 the most commonly employed.<br \/>&nbsp;<br \/>After using the Shodan search engine for further examination, the team was able to pull data from 4969 instances, and they found that a total of 4019 instances &#8212; or 80.88% &#8212; remain unpatched.&nbsp; <\/p>\n<p>The remaining 19.12% are likely to be vulnerable, as they are old versions of the software, including versions 2.5x and 4.0x, that are end-of-life and unsupported.&nbsp; <\/p>\n<p>At the time the vendor issued the security fixes, VMWare said the&nbsp;<a href=\"https:\/\/blogs.vmware.com\/vsphere\/2021\/05\/vmsa-2021-0010.html\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">vulnerabilities demanded<\/a> the &#8220;immediate attention&#8221; of users. As previously&nbsp;<a href=\"https:\/\/www.zdnet.com\/article\/patch-immediately-vmware-warns-of-critical-remote-code-execution-holes-in-vcenter\/\" target=\"_blank\" rel=\"noopener\">reported by ZDNet<\/a>, the patches may break some third party plugins, and if applying the fixes aren&#8217;t possible, server owners are asked to disable&nbsp;<a href=\"https:\/\/kb.vmware.com\/s\/article\/83829\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">VMWare plugins<\/a> to mitigate the threat of exploit.&nbsp; <\/p>\n<p>It is recommended that these types of critical bugs are tackled, or mitigated, as quickly as possible.&nbsp; <\/p>\n<p>Proof-of-Concept (PoC) code has been released for CVE-2021-21985. The issue is severe enough that the US Cybersecurity and Infrastructure Security Agency (CISA) <a href=\"https:\/\/www.zdnet.com\/article\/patch-now-attackers-are-hunting-for-this-critical-vmware-vcentre-flaw\/\" target=\"_blank\" rel=\"noopener\">has alerted vendors<\/a> to patch their builds.&nbsp; <\/p>\n<h3> Previous and related coverage <\/h3>\n<hr>\n<p><strong>Have a tip?<\/strong> Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0 <\/p>\n<hr>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/32377\/Critical-Remote-Code-Execution-Flaw-In-Thousands-Of-VMWare-vCenter-Servers-Remains-Unpatched.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":41365,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[256],"class_list":["post-41364","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackerflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Critical Remote Code Execution Flaw In Thousands Of VMWare vCenter Servers Remains Unpatched 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Critical Remote Code Execution Flaw In Thousands Of VMWare vCenter Servers Remains Unpatched 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-06-15T14:29:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"578\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Critical Remote Code Execution Flaw In Thousands Of VMWare vCenter Servers Remains Unpatched\",\"datePublished\":\"2021-06-15T14:29:14+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/\"},\"wordCount\":464,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched.jpg\",\"keywords\":[\"headline,hacker,flaw\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/\",\"name\":\"Critical Remote Code Execution Flaw In Thousands Of VMWare vCenter Servers Remains Unpatched 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched.jpg\",\"datePublished\":\"2021-06-15T14:29:14+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/#primaryimage\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched.jpg\",\"width\":770,\"height\":578},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,flaw\",\"item\":\"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerflaw\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Critical Remote Code Execution Flaw In Thousands Of VMWare vCenter Servers Remains Unpatched\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Critical Remote Code Execution Flaw In Thousands Of VMWare vCenter Servers Remains Unpatched 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/","og_locale":"en_US","og_type":"article","og_title":"Critical Remote Code Execution Flaw In Thousands Of VMWare vCenter Servers Remains Unpatched 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-06-15T14:29:14+00:00","og_image":[{"width":770,"height":578,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Critical Remote Code Execution Flaw In Thousands Of VMWare vCenter Servers Remains Unpatched","datePublished":"2021-06-15T14:29:14+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/"},"wordCount":464,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched.jpg","keywords":["headline,hacker,flaw"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/","url":"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/","name":"Critical Remote Code Execution Flaw In Thousands Of VMWare vCenter Servers Remains Unpatched 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched.jpg","datePublished":"2021-06-15T14:29:14+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched.jpg","width":770,"height":578},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/critical-remote-code-execution-flaw-in-thousands-of-vmware-vcenter-servers-remains-unpatched\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerflaw\/"},{"@type":"ListItem","position":3,"name":"Critical Remote Code Execution Flaw In Thousands Of VMWare vCenter Servers Remains Unpatched"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/41364","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=41364"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/41364\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/41365"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=41364"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=41364"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=41364"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}