VMware fixes vRealize bug that let attackers run code as root
VMware addressed a critical vRealize Log Insight security vulnerability that allows remote attackers to execute code on vulnerable appliances.
The bug is described as a deserialization vulnerability that can be abused to run arbitrary code as root on compromised systems.
Today, VMware also released security updates for a second security flaw that enables remote attackers with administrative privileges to execute arbitrary commands as root.
One week later, security researchers with Horizon3's Attack Team released proof-of-concept code to chain three of the four bugs to help attackers execute code remotely as root on compromised VMware vRealize appliances.
While just a few dozen VMware vRealize instances are exposed online, this is to be expected since such appliances are designed only to be accessed from inside organizations' networks.
It's not uncommon for attackers to exploit vulnerabilities affecting devices in already compromised networks, making properly configured yet vulnerable VMware appliances valuable internal targets.