On Wednesday morning, May13, we were notified of the release of CVE-2015-3456 (aka Venom). This vulnerability allows an attacker to move from a guest VM under the attacker’s control to the host that the guest is running on. More information about the vulnerability is available at http://venom.crowdstrike.com.
Posted 13 May 2015 - 05:19 PM
Posted 13 May 2015 - 09:12 PM
This afternoon, we determined our Cloud LiveBoot infrastructure to be susceptible to CVE-2015-3456 (aka Venom). Barracuda Cloud operations has patched the vulnerability as of 10:00pm EDT.