Cyber Attacks Explained x Pentera Labs: VMware vCenter CVE-2022-22948

Presented by

Yuval Lazar, Senior Security Researcher at Pentera, Oren Domaczewski, Product Manager at Pentera

About this talk

VMware has recently issued a patch for an Information Disclosure vulnerability CVE-2022-22948 discovered by the Pentera Labs team, impacting over 500,000 appliances. In the full attack vector, threat actors can completely take over an organization’s ESXis deployed in a hybrid infrastructure and virtual machines hosted and managed by the hypervisor from just endpoint access to a host with a vCenter client. This 20-minute overview with Pentera experts will discuss: -What is the presence of the vulnerability and will my existing scanner detect it? -What is the business impact of the vulnerability? -What can organizations do about it?
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (54)
Subscribers (1674)
Pentera is the category leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers, unfolding true, current security exposures at any moment, at any scale. Thousands of security professionals and service providers around the world use Pentera to guide remediation and close security gaps before they are exploited. For more info visit: