Security News > 2023 > October > Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities
2023-10-25 04:47
Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept (PoC) exploit for a recently patched security flaw in Aria Operations for Logs. Tracked as CVE-2023-34051 (CVSS score: 8.1), the high-severity vulnerability relates to a case of authentication bypass that could lead to remote code execution. "An unauthenticated, malicious actor can inject files
News URL
https://thehackernews.com/2023/10/alert-poc-exploits-released-for-citrix.html
Related news
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- New Security Flaws Found in VMware Tools and CrushFTP — High Risk, PoC Released (source)
- Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices (source)
- PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-20 | CVE-2023-34051 | Incorrect Authorization vulnerability in VMWare Aria Operations for Logs VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution. | 9.8 |