VMware vCenter Server local privilege elevation

Added: 12/12/2022

Background

VMware vCenter Server is server management software for controlling VMware vSphere environments.

Problem

Improper permissions on the java-wrapper-vmon file allow authenticated, unprivileged attackers to gain root privileges.

Resolution

Upgrade to vCenter Server 7.0 U2c or higher.

References

https://www.vmware.com/security/advisories/VMSA-2021-0020.html

Limitations

The shell connection will only occur after the vmware-vmon service restarts or the target is rebooted. The exploit remains listening for a connectback in the background.

After a successful exploit, you will need to remove the exploit code from /usr/lib/vmware-vmon/java-wrapper-vmon.

Platforms

Linux

Back to exploit index