For full functionality of this site it is necessary to enable JavaScript. Here are the instructions how to enable JavaScript in your web browser.

Close

Not a member yet? Register now and get started.

lock and key

Sign in to your account.

Account Login

Venom Vulnerability Exposes Most Data Centers to Cyber Attacks

A security researcher disclosed the vulnerability in the virtual Floppy Drive Code used by many computer virtualization platforms.

Vulnerability VENOM, attacker can easily escape from the confines of virtual machine guest and exploit the code-execution access to the host. This may result in elevated access to the host’s local network and adjacent systems.

By exploiting the VENOM vulnerability one can get access to corporate intellectual property (IP), sensitive and personally identifiable information (PII), which will potentially affect thousands of organizations and millions of end user’s connectivity, storage, security, and privacy.

According to the researcher, the bug is in QEMU’s virtual Floppy Disk Controller (FDC), notably used in Xen, KVM, and the native QEMU client. Whereas VMware, Microsoft Hyper-V, and Bochs hypervisors are not impacted by this vulnerability. Flaws like Venom are typically used in a highly targeted attack such as corporate espionage, cyber warfare or other targeted attacks of these kinds.