Researchers to release VMware vRealize Log RCE exploit, patch now

2023-01-28 16:32

Security researchers with Horizon3's Attack Team will release an exploit targeting a vulnerability chain next week for gaining remote code execution on unpatched VMware vRealize Log Insight appliances.

Now known as VMware Aria Operations for Logs, vRealize Log Insight makes it easier for VMware admins to analyze and manage terabytes of infrastructure and application logs.

On Tuesday, VMware patched four security vulnerabilities in this log analysis tool, two of which are critical and allow attackers to execute code remotely without authentication.

On Thursday, Horizon3's Attack Team warned VMware admins that they've been able to create an exploit that chains three of the four flaws patched by VMware this week to execute code remotely as root.

All vulnerabilities are exploitable in the default configuration of VMware vRealize Log Insight appliances.

In May 2022, Horizon3 released another exploit for CVE-2022-22972, a critical authentication bypass vulnerability affecting multiple VMware products and allowing threat actors to gain admin privileges.

News URL

https://www.bleepingcomputer.com/news/security/researchers-to-release-vmware-vrealize-log-rce-exploit-patch-now/

#exploit #patch #RCE #researcher #vmware #CVE-2022-22972

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2022-05-20	CVE-2022-22972	Unspecified vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. network low complexity vmware critical	9.8

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Vmware		186	83	403	198	101	785

News URL

Related news

Related Vulnerability

Related vendor