Rackspace Response to ‘ESXiArgs’ Ransomware Attack

by Marc Nourani, Director, Incident Change Problem Management Operations, Rackspace Technology

Rackspace Technology is aware of an update to the previously published OpenSLP security vulnerability (CVE-2021-21974) impacting VMware ESXi. Our partner VMware published an article available here: https://blogs.vmware.com/security/2023/02/83330.html. When the vulnerability was first announced in February 2021, Rackspace engineers performed the initial assessment and notified affected customers if further action was needed.

Rackspace standard VMware environments are designed with an architecture that prevents public access to VMware vCenters and Hypervisors – this design decreases the risk of exploitation of this vulnerability.

Out of an abundance of caution and in response to this updated CVE article, Rackspace engineers disabled the OpenSLP service advised by VMware to increase the mitigation efforts on our managed VMware environments. 

Additionally, our security teams will continue to actively monitor the situation and, to date, have not identified any associated impacted systems. 

If you have any questions, please contact a member of your support team via https://www.rackspace.com/login.

A red image with text "Subscribe to the Rackspace Insights Newsletter" with a "Subscribe now" button. A mail icon is positioned to the right of the text.

Blog Links

Rackspace Insights

FAIR AI Insights

Newsroom

Investor Relations

Media Kit

Contact us for assistance or questions

Contact us