Security News > 2023 > June > VMware warns of critical vRealize flaw exploited in attacks
VMware updated a security advisory published two weeks ago to warn customers that a now-patched critical vulnerability allowing remote code execution is being actively exploited in attacks.
This notice follows multiple warnings from cybersecurity firm GreyNoise, the first issued one week after VMware patched the security flaw on June 15 and just two days after security researcher Sina Kheirkhah shared technical details and proof-of-concept exploit code.
GreyNoise CEO Andrew Morris also alerted VMware admins of this ongoing malicious activity earlier today, which likely prompted VMware to update its advisory.
The vulnerability impacts VMware Aria Operations for Networks, a network analytics tool that helps admins optimize network performance or manage VMware and Kubernetes deployments.
Unauthenticated threat actors can exploit this command injection flaw in low-complexity attacks that don't require user interaction.
No workarounds are available to remove the attack vector for CVE-2023-20887, so admins must patch all VMware Aria Operations Networks 6.x on-prem installations to ensure they're secure from ongoing attacks.
News URL
Related news
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- Cyber attacks on critical infrastructure show advanced tactics and new capabilities (source)
- Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks (source)
- Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks (source)
- Critical Rust flaw enables Windows command injection attacks (source)
- Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks (source)
- Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack (source)
- Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks (source)
- Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack (source)
- Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-07 | CVE-2023-20887 | Command Injection vulnerability in VMWare Vrealize Network Insight Aria Operations for Networks contains a command injection vulnerability. | 9.8 |