Today, a new vulnerability called VENOM was announced and assigned CVE-2015-3456. It stands for “Virtualized Environment Neglected Operations Manipulation” which sounds, frankly, like an indictment of anyone aloof enough to let it sneak up on them. And wading through other blog posts on the subject—with their snake-related clipart and all—is like looking through the first few pages of the book when you visit a tattoo shop. Here’s the gist from its discoverers at CrowdStrike:
“VENOM, CVE-2015-3456, is a security vulnerability in the virtual floppy drive code used by many computer virtualization platforms. This vulnerability may allow an attacker to escape from the confines of an affected virtual machine (VM) guest and potentially obtain code-execution access to the host. Absent mitigation, this VM escape could open access to the host system and all other VMs running on that host, potentially giving adversaries significant elevated access to the host’s local network and adjacent systems.”
Essentially, an attacker who already has root (or equivalent I/O-port privileges) inside an affected VM can send crafted commands to the emulated floppy disk controller, trigger an out-of-bounds write in the emulator code that runs in the host-side hypervisor process, and break out of the VM. It only affects platforms that use QEMU’s floppy disk controller code, which means Xen, VirtualBox, KVM, and QEMU itself. Hyper-V and VMware aren’t affected.
Here’s why it’s important: You know when you’re setting up a VM and there’s that option to include a virtual floppy drive? Well, good job, that VM may be vulnerable regardless of the OS installed on it. Worse, on Xen and QEMU the vulnerable controller code is present and active even when the VM has no virtual floppy attached, so “we removed the floppy” is not a mitigation; patching the hypervisor is. Ooooh, mama.
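To make the “which of my guests are exposed” question concrete, here is an added inventory script (not UpGuard’s product code and not anything from the QEMU or libvirt projects). It assumes libvirt-style domain XML of the kind `virsh dumpxml <domain>` prints, and the three domain documents embedded below are constructed samples, not dumps from a real host. The classification rule encodes the point above: for Xen, QEMU and KVM guests the floppy controller is part of the default machine model, so a guest is flagged as exposed whether or not a floppy is attached.

```python
"""Inventory libvirt guests for exposure to VENOM (CVE-2015-3456).

Added example: not the page's, UpGuard's, QEMU's or libvirt's code.
Assumes libvirt domain XML such as `virsh dumpxml <name>` produces.
"""
import xml.etree.ElementTree as ET

# libvirt <domain type='...'> values whose device model is QEMU's floppy
# controller. On xen, qemu and kvm the controller belongs to the default
# PC machine model, so it exists even when no floppy image is attached;
# "no floppy in the config" is therefore not evidence of safety.
ALWAYS_EXPOSED = {"xen", "kvm", "qemu"}
# VirtualBox ships the QEMU-derived FDC code as well.
QEMU_FDC_OTHER = {"vbox"}
# Hypervisors with their own device models, not affected by this CVE.
NOT_AFFECTED = {"hyperv", "vmware"}


def classify_domain(xml_text):
    """Return a dict describing one guest's exposure from its domain XML."""
    root = ET.fromstring(xml_text)
    if root.tag != "domain":
        raise ValueError("not a libvirt domain document")
    dom_type = (root.get("type") or "").lower()
    name = root.findtext("name") or "<unnamed>"
    # A floppy shows up either as a <disk device='floppy'> or as an
    # explicit <controller type='fdc'>; report it if either is present.
    floppy_attached = any(
        d.get("device") == "floppy" for d in root.iter("disk")
    ) or any(c.get("type") == "fdc" for c in root.iter("controller"))

    if dom_type in ALWAYS_EXPOSED:
        verdict = "exposed: patch the host; FDC active even without a floppy"
    elif dom_type in QEMU_FDC_OTHER:
        verdict = "exposed: patch the hypervisor"
    elif dom_type in NOT_AFFECTED:
        verdict = "not affected by CVE-2015-3456"
    else:
        verdict = "unknown device model: check vendor advisory"
    return {
        "name": name,
        "type": dom_type,
        "floppy_attached": floppy_attached,
        "verdict": verdict,
    }


def inventory(xml_docs):
    """Classify every domain document and return the rows, exposed first."""
    rows = [classify_domain(doc) for doc in xml_docs]
    rows.sort(key=lambda r: not r["verdict"].startswith("exposed"))
    return rows


# Constructed samples for illustration, not captures from a real host.
SAMPLE_KVM_WITH_FLOPPY = """<domain type='kvm'>
  <name>build-agent-01</name>
  <devices>
    <disk type='file' device='floppy'>
      <source file='/var/lib/libvirt/images/unattended.img'/>
      <target dev='fda' bus='fdc'/>
    </disk>
    <controller type='fdc' index='0'/>
  </devices>
</domain>"""

SAMPLE_XEN_NO_FLOPPY = """<domain type='xen'>
  <name>web-frontend-02</name>
  <devices>
    <disk type='file' device='disk'>
      <source file='/var/lib/xen/images/web.img'/>
      <target dev='xvda' bus='xen'/>
    </disk>
  </devices>
</domain>"""

SAMPLE_VMWARE = """<domain type='vmware'>
  <name>db-primary</name>
  <devices/>
</domain>"""


if __name__ == "__main__":
    docs = [SAMPLE_KVM_WITH_FLOPPY, SAMPLE_XEN_NO_FLOPPY, SAMPLE_VMWARE]
    for row in inventory(docs):
        print(f"{row['name']:<18} {row['type']:<7} "
              f"floppy={row['floppy_attached']!s:<5} {row['verdict']}")
```

On a real libvirt host you would feed it the output of `virsh list --all --name | xargs -n1 virsh dumpxml` instead of the embedded samples. Note that the Xen guest with no floppy is still reported as exposed; the only thing that clears it is a patched hypervisor, which this script does not (and cannot portably) verify, since distributions backport the fix without bumping the upstream version number.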
The first key to solving this crisis is knowledge of what you’ve got. With UpGuard’s agentless system scan and universal search, you’d know in moments not only which hypervisor versions you’re running and where, but which of your affected VMs have this devil floppy controller attached.
Whether it’s VENOM, Shellshock, Heartbleed, or the next vulnerability-of-the-week, robust config scanning is more a necessity now than it ever has been. UpGuard is trusted by customers like Cisco, Microsoft, and Boy Scouts of America to give deeper insight into their environments like never before. Learn more about what UpGuard is capable of with a free guided demo.