Rackspace Response to ‘ESXiArgs’ Ransomware Attack
by Marc Nourani, Director, Incident Change Problem Management Operations, Rackspace Technology
Rackspace Technology is aware of an update to the previously published OpenSLP security vulnerability (CVE-2021-21974) impacting VMware ESXi. Our partner VMware published an article available here: https://blogs.vmware.com/security/2023/02/83330.html. When the vulnerability was first announced in February 2021, Rackspace engineers performed the initial assessment and notified affected customers if further action was needed.
Rackspace standard VMware environments are designed with an architecture that prevents public access to VMware vCenters and Hypervisors – this design decreases the risk of exploitation of this vulnerability.
Out of an abundance of caution and in response to this updated CVE article, Rackspace engineers disabled the OpenSLP service advised by VMware to increase the mitigation efforts on our managed VMware environments.
Additionally, our security teams will continue to actively monitor the situation and, to date, have not identified any associated impacted systems.
If you have any questions, please contact a member of your support team via https://www.rackspace.com/login.
Recent Posts
From Data Rich to Insight Rich: A Cloud Charter for 2025
September 2nd, 2025
The Future of Cloud Migrations: Leveraging Generative AI for Fast and Cost-Effective Results
August 18th, 2025
Scaling Landing Zone Customizations on AWS
May 2nd, 2025
Deploy Palo Alto Firewall on Google Cloud
March 13th, 2025