What is the Venom Vulnerability?
VENOM (Virtualized Environment Neglected Operations Manipulation) is a vulnerability uncovered by CrowdStrike. According to senior security researcher Jason Geffner, the vulnerability resides in QEMU's virtual Floppy Disk Controller (FDC), which is used by many virtualization platforms. VENOM allows attackers to escalate privileges and gain code-execution access.
The Venom vulnerability poses a serious risk to intellectual property and personally identifiable information, which may endanger data centers all around the globe.
How To Exploit?
To exploit the Venom vulnerability, an attacker needs to use a guest virtual machine and have access to the floppy disk controller I/O ports. On a Linux machine the attacker would require root access, but on Windows literally anyone would be able to access floppy disk controllers.
Some specialists tend to compare Venom to Heartbleed, but currently the Venom vulnerability may not have as much impact as Heartbleed, which allowed hackers to attack millions of assets with a simple vulnerability.
Because of its ability to gain access to private information, Venom would be useful for corporate espionage, but not only for that.
Patches
Affected vendors have already released patches for this vulnerability. Please follow links to learn more: