Security News > 2023 > October > VMware warns admins of public exploit for vRealize RCE flaw

VMware warns admins of public exploit for vRealize RCE flaw
2023-10-24 14:53

VMware warned customers on Monday that proof-of-concept exploit code is now available for an authentication bypass flaw in vRealize Log Insight.

"Updated VMSA to note that VMware has confirmed that exploit code for CVE-2023-34051 has been published," the company said in an update to the original advisory.

When Horizon3 security researchers released a VMSA-2023-0001 PoC exploit one week after the company pushed security updates, they explained that their RCE exploit "Abuses the various Thrift RPC endpoints to achieve an arbitrary file write."

Threat actors frequently exploit vulnerabilities within previously compromised networks for lateral movement, making vulnerable VMware appliances valuable internal targets.

In June, VMware warned customers about another critical remote code execution vulnerability in VMware Aria Operations for Networks being exploited in attacks.

Exploit released for critical VMware SSH auth bypass vulnerability.


News URL

https://www.bleepingcomputer.com/news/security/vmware-warns-admins-of-public-exploit-for-vrealize-rce-flaw/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-10-20 CVE-2023-34051 Incorrect Authorization vulnerability in VMWare Aria Operations for Logs
VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.
network
low complexity
vmware CWE-863
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Vmware 183 86 398 192 100 776