Security News > 2023 > October > VMware warns admins of public exploit for vRealize RCE flaw
VMware warned customers on Monday that proof-of-concept exploit code is now available for an authentication bypass flaw in vRealize Log Insight.
"Updated VMSA to note that VMware has confirmed that exploit code for CVE-2023-34051 has been published," the company said in an update to the original advisory.
When Horizon3 security researchers released a VMSA-2023-0001 PoC exploit one week after the company pushed security updates, they explained that their RCE exploit "Abuses the various Thrift RPC endpoints to achieve an arbitrary file write."
Threat actors frequently exploit vulnerabilities within previously compromised networks for lateral movement, making vulnerable VMware appliances valuable internal targets.
In June, VMware warned customers about another critical remote code execution vulnerability in VMware Aria Operations for Networks being exploited in attacks.
Exploit released for critical VMware SSH auth bypass vulnerability.
News URL
Related news
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-20 | CVE-2023-34051 | Incorrect Authorization vulnerability in VMWare Aria Operations for Logs VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution. | 9.8 |