Connect with us

Business

VMware Warns Of A Critical VRealize RCE Exploit
Advertisement

Business

Binance Withdraws $118M Worth Of Crypto From Newly Created Wallet

Business

Blinken Leaves Beijing, Taiwan Reports Chinese Military Activity

Business

Naver To Consult South Korea After Japan's Pressure To Divest Stake

Business

Yen Plummets To 34-Year Low as Bank of Japan Maintains Interest Rates

Business

Workers United And Starbucks Made 'Significant Progress' This Week

Business

Profits At ExxonMobil Decline In The First Quarter As Natural Gas Prices Fall

Business

Euronext Boss Says $2 Billion CVC Debut Shows IPO Market Recovery

Business

Anglo American Miner Faces Takeover Interest As Elliott Takes $1 Billion Stake

Business

The Bank Of Japan Anticipates Higher Inflation In Fiscal 2024

Business

OpenDelta, A Bitcoin-Linked Stablecoin, Raises $2.5 Million

News Business World News

As US Looks to Seize Russia's Assets China Dumps US Treasury Bonds

Business

T-Mobile Invests $950 Million In Fiber Optic Network Provider Lumos

Business

Amazon's Cloud Computing Unit Will Invest $11 Billion In Northern Indiana

Business

Elon Musk in 2024: What You Should Know About Him!

Business

What's Behind Tesla's Stock Surge - Insights From Elon Musk

Business

Chipotle Beats Earnings Estimates With Resilient Foot Traffic, Margin Expansion

Business

ServiceNow's Q1 Results Are Overshadowed By Weak Guidance

Business

IBM Buys HashiCorp For $6.4 Billion, Reports Another Revenue Miss

Business

Over 1,000 UPMC Employees Have Been Laid Off Due To Layoffs

Business

VMware Warns Of A Critical VRealize RCE Exploit

Avatar of Salman Ahmad

Published

10 months ago

on

VMware Warns Of A Critical VRealize RCE Exploit

(CTN News) – In a warning to its customers today, VMware advised that exploit code for a critical vulnerability in the VMware Aria Operations for Logs analysis tool, which helps administrators manage terabytes worth of app and infrastructure logs in large-scale environments, is now available.

It was patched in April, and the vulnerability (CVE-2023-20864) is a vulnerability in the deserialization mechanism that allows unauthenticated attackers to gain remote execution on unpatched appliances.

The successful exploitation of this vulnerability enables threat actors to run arbitrary code as root as a result of low-complexity attacks that do not require interactive interaction with the user.

Earlier this week, VMware reported the publication of exploit code for CVE-2023-20864 as part of an update to the initial security advisory that it issued.

It is recommended that you patch CVE-2023-20864 immediately as per the instructions in the advisory, as it is a critical issue.

Besides that, VMware issued a security update in April to address a less serious command injection vulnerability (CVE-2023-20865) that could allow remote attackers with administrative privileges to execute arbitrary commands as root on vulnerable appliances if they had administrative privileges.

The two vulnerabilities have been fixed as part of the release of VMware Aria Operations for Logs 8.12. As far as we know, no evidence has been found to suggest that attacks might have exploited these vulnerabilities.

VMware Aria Operations flaws under attack

VMware recently issued another alert regarding a critical vulnerability (CVE-2023-20887) in VMware Aria Operations for Networks (formerly vRealize Network Insight), which allows remote command execution as the root user, and has been actively exploited in attacks.

It should also be noted that the CISA added this vulnerability to its list of known exploited vulnerabilities and ordered the U.S. Federal Government to apply security updates to their systems by July 13th.

Due to the nature of this vulnerability, it is highly recommended that administrators apply patches for CVE-2023-20864 as soon as possible as a precaution against potentially incoming attacks.

The number of VMware vRealize instances that are online-exposed is relatively low, but it is aligned with the intended design of these appliances, which are primarily designed to provide access to internal networks within organizations.

Even so, it’s important to take into account the fact that attackers often target vulnerable devices within compromised networks in order to take advantage of those vulnerabilities.

Even properly configured VMware appliances, which remain vulnerable, can be used as tempting targets within the internal infrastructure of targeted organizations if they remain vulnerable.

SEE ALSO:

Shares Of Alibaba nd Tencent Rise As China’s Tech Crackdown Ends

A Blow To India As Foxconn Dumps $19.5 Billion Vedanta Chip Plan

When is Amazon Prime Day 2023? Everything to know about the 48-hour sale
Related Topics:
Avatar of Salman Ahmad

Salman Ahmad is a seasoned writer for CTN News, bringing a wealth of experience and expertise to the platform. With a knack for concise yet impactful storytelling, he crafts articles that captivate readers and provide valuable insights. Ahmad's writing style strikes a balance between casual and professional, making complex topics accessible without compromising depth.

Continue Reading

CTN News App

CTN News App

Recent News

BUY FC 24 COINS

compras monedas fc 24

Volunteering at Soi Dog

Find a Job

Jooble jobs

Free ibomma Movies

ibomma , movierulz and ibomma telugu movies