Security News > 2023 > July > VMware warns of exploit available for critical vRealize RCE bug
VMware warned customers today that exploit code is now available for a critical vulnerability in the VMware Aria Operations for Logs analysis tool, which helps admins manage terabytes worth of app and infrastructure logs in large-scale environments.
Recently, VMware issued another alert about a now-patched critical bug in VMware Aria Operations for Networks, allowing remote command execution as the root user and being actively exploited in attacks.
Although the number of online-exposed VMware vRealize instances is relatively low, it aligns with the intended design of these appliances, which primarily focus on internal network access within organizations.
VMware warns of critical vRealize flaw exploited in attacks.
VMware fixes critical vulnerabilities in vRealize network analytics tool.
Exploit released for MOVEit RCE bug used in data theft attacks.
News URL
Related news
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Mitel 0-day, 5-year-old Oracle RCE bug under active exploit (source)
- Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation (source)
- Hackers exploit critical unpatched flaw in Zyxel CPE devices (source)
- Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits (source)
- Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)