Security News > 2023 > January > Researchers to release VMware vRealize Log RCE exploit, patch now

Researchers to release VMware vRealize Log RCE exploit, patch now
2023-01-28 16:32

Security researchers with Horizon3's Attack Team will release an exploit targeting a vulnerability chain next week for gaining remote code execution on unpatched VMware vRealize Log Insight appliances.

Now known as VMware Aria Operations for Logs, vRealize Log Insight makes it easier for VMware admins to analyze and manage terabytes of infrastructure and application logs.

On Tuesday, VMware patched four security vulnerabilities in this log analysis tool, two of which are critical and allow attackers to execute code remotely without authentication.

On Thursday, Horizon3's Attack Team warned VMware admins that they've been able to create an exploit that chains three of the four flaws patched by VMware this week to execute code remotely as root.

All vulnerabilities are exploitable in the default configuration of VMware vRealize Log Insight appliances.

In May 2022, Horizon3 released another exploit for CVE-2022-22972, a critical authentication bypass vulnerability affecting multiple VMware products and allowing threat actors to gain admin privileges.


News URL

https://www.bleepingcomputer.com/news/security/researchers-to-release-vmware-vrealize-log-rce-exploit-patch-now/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-05-20 CVE-2022-22972 Unspecified vulnerability in VMWare products
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users.
network
low complexity
vmware
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Vmware 146 11 222 256 102 591