Security News > 2023 > June > VMware warns of critical vRealize flaw exploited in attacks

VMware warns of critical vRealize flaw exploited in attacks
2023-06-20 19:46

VMware updated a security advisory published two weeks ago to warn customers that a now-patched critical vulnerability allowing remote code execution is being actively exploited in attacks.

This notice follows multiple warnings from cybersecurity firm GreyNoise, the first issued one week after VMware patched the security flaw on June 15 and just two days after security researcher Sina Kheirkhah shared technical details and proof-of-concept exploit code.

GreyNoise CEO Andrew Morris also alerted VMware admins of this ongoing malicious activity earlier today, which likely prompted VMware to update its advisory.

The vulnerability impacts VMware Aria Operations for Networks, a network analytics tool that helps admins optimize network performance or manage VMware and Kubernetes deployments.

Unauthenticated threat actors can exploit this command injection flaw in low-complexity attacks that don't require user interaction.

No workarounds are available to remove the attack vector for CVE-2023-20887, so admins must patch all VMware Aria Operations Networks 6.x on-prem installations to ensure they're secure from ongoing attacks.


News URL

https://www.bleepingcomputer.com/news/security/vmware-warns-of-critical-vrealize-flaw-exploited-in-attacks/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-06-07 CVE-2023-20887 Command Injection vulnerability in VMWare Aria Operations for Networks
Aria Operations for Networks contains a command injection vulnerability.
network
low complexity
vmware CWE-77
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Vmware 146 11 222 256 102 591