VMware ESXi Servers Targeted in Ransomware Attack via Old Vulnerability

Unpatched and unprotected VMware ESXi servers around the world have been targeted over the past few days in a large-scale ransomware attack exploiting a vulnerability patched in 2021.The attacks, dubbed ESXiArgs, are still being analyzed by the cybersecurity community, but based on the information available to date, it appears that threat actors are exploiting CVE-2021-21974, a high-severity ESXi OpenSLP heap-overflow vulnerability that VMware patched in February 2021. “A malicious ac