GuardiCore Labs To Disclose Vulnerability In VMware vSphere At Black Hat USA 2017: From vSphere User To Guest Remote Code Execution


Session to Address Vulnerability That May Allow a vSphere User to Take Over Data Center Guest Machines

SAN FRANCISCO and TEL AVIV, Israel, July 19, 2017 /PRNewswire/ -- GuardiCore, a leader in internal data center and cloud security, today announced it would unveil a significant vulnerability affecting all recent VMware vSphere versions including 6.5, 6.0, 5.5 and provide mitigation at the upcoming Black Hat USA 2017.

In his session entitled, Escalating Insider Threats Using VMware's API, scheduled for July 27, 9:00 AM, Ofri Ziv, Head of GuardiCore Labs, will unveil a vulnerability in the VMware vSphere platform, today's number one data center virtualization solution. A malicious actor can break the security model of host-guest isolation - crucial for compliance and defense - and gain root privileges on guest machines. As part of his session, Ziv will demo the attack and show how this vulnerability can be mitigated. GuardiCore Labs reported the issue to VMware on May 27, 2017 and a security advisory will be released by VMware after the Black Hat session.

"Today's dynamic and virtualized environments present evolving security challenges and demand strict attention to policy and infrastructure management," said Ziv. "Through the VMware example, we hope to shed light on the continued importance of monitoring and enforcing privileges in the modern data center."

GuardiCore Labs is a global cyber security research team that conducts in-depth research and analysis, providing the security industry with actionable insights into the latest and most advanced threats facing data centers and clouds. GuardiCore Labs delivers cutting-edge breach detection and response methodologies to help GuardiCore customers continually enhance their security posture to protect critical business applications and infrastructure. GuardiCore Labs' recent, high-profile threat discoveries include the Bondnet botnet used to mine different cryptocurrencies, a variant of the MongoDB ransomware attack targeting MySQL databases, the Trojan.sysscan malware and the Infection Monkey that was presented at Black Hat 2016.

About GuardiCore

GuardiCore is an innovator in internal data center and cloud security focused on delivering more accurate and effective ways to stop advanced threats through real-time breach detection and response. Developed by the top cyber security experts in their field, GuardiCore is changing the way organizations are fighting cyber attacks in their data centers. For more information, visit

Cinthia Portugal
Guyer Group


View original content with multimedia:

SOURCE GuardiCore


Journalists and Bloggers

Visit PR Newswire for Journalists for releases, photos and customised feeds just for media.

View and download archived video content distributed by MultiVu on The Digital Center.


Get content for your website

Enhance your website's or blog's content with PR Newswire's customised real-time news feeds.
Start today.



Contact PR Newswire

Send us an email at or call us at +972-77-2005042



Become a PR Newswire client

Send us an email at or call us at +972-77-2005042


  1. Products & Services
  2. News Releases
  3. Contact Us