Security News > 2023 > January > Exploit released for critical VMware vRealize RCE vulnerability

Exploit released for critical VMware vRealize RCE vulnerability
2023-01-31 16:14

Horizon3 security researchers have released proof-of-concept code for a VMware vRealize Log Insight vulnerability chain that allows attackers to gain remote code execution on unpatched appliances.

Earlier today, Horizon3 published the PoC exploit and explained that the RCE exploit "Abuses the various Thrift RPC endpoints to achieve an arbitrary file write."

Although there are no public reports of attacks leveraging this exploit chain and no attempts to exploit it in the wild, resourceful and motivated threat actors will likely move quickly to adopt Horizon3's RCE exploit or create their own custom versions.

Last year, Horizon3 researchers also released an exploit for CVE-2022-22972, a critical authentication bypass security flaw affecting multiple VMware products and allowing a malicious actor to gain admin privileges on unpatched instances.

Researchers to release VMware vRealize Log RCE exploit, patch now.

Exploit released for critical ManageEngine RCE bug, patch now.


News URL

https://www.bleepingcomputer.com/news/security/exploit-released-for-critical-vmware-vrealize-rce-vulnerability/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-05-20 CVE-2022-22972 Unspecified vulnerability in VMWare products
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users.
network
low complexity
vmware
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Vmware 186 83 405 205 107 800