Security News > 2020 > February > VMware Patches Serious Flaws in vRealize Operations for Horizon Adapter
VMware has patched serious vulnerabilities, including remote code execution and authentication bypass issues, in vRealize Operations for Horizon Adapter.
Horizon Adapter instances created on vRealize Operations Manager nodes enable users to receive communications from Horizon agents installed on virtual machines.
An Trinh of the cyber security division at Viettel, Vietnam's largest telecommunications service provider, discovered that vRealize Operations for Horizon Adapter is affected by three vulnerabilities.
The third security hole uncovered by Trinh is an information disclosure issue caused by "Incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View.".
All vulnerabilities affect vRealize Operations for Horizon Adapter 6.6.x and 6.7.x on Windows, and they have been patched with the release of versions 6.6.1 and 6.7.1.