VENOM Vulnerability

What is Venom Vulnerability?

The VENOM (Virtualized Environment Neglected Operations Manipulation) vulnerability was uncovered by CrowdStrike. According to senior security researcher Jason Geffner, the vulnerability resides in QEMU’s virtual Floppy Disk Controller (FDC), which is used by many virtualization platforms. VENOM allows attackers to escalate privileges and gain code execution.

The Venom vulnerability poses a serious risk to intellectual property and personally identifiable information, which may endanger data centers all around the globe.

How To Exploit?

To exploit the Venom vulnerability, an attacker needs to use a guest virtual machine and have access to the floppy disk controller I/O ports. On a Linux machine the attacker would require root access, but on Windows literally anyone would be able to access floppy disk controllers.

Some specialists compare Venom to Heartbleed, but currently the Venom vulnerability may not have the same impact as Heartbleed, which allowed hackers to attack millions of assets with a simple vulnerability.

Because it can give access to private information, Venom would be useful for corporate espionage, among other purposes.

Patches

Affected vendors have already released patches for this vulnerability. Please follow the links to learn more:

QEMU – Patch

Xen – Patch

Linux Red Hat – Patch

Photo courtesy Forbes
