VMware warns of exploit available for critical vRealize RCE bug


In a serious vulnerability in the VMware Aria Operations for Logs analysis tool, which lets administrators manage terabytes of app and infrastructure logs in large-scale systems, VMware alerted customers today that attack code is already accessible. When low-complexity attacks that don’t require user input are successfully exploited, threat actors are then able to execute any arbitrary code as root.

Unauthenticated attackers can get remote execution on unpatched appliances thanks to the vulnerability (CVE-2023-20864), a deserialization hole that was addressed in April. In an update to the original security alert, VMware stated that “exploit code for CVE-2023-20864 has been published.“It is urgent to fix CVE-2023-20864 in accordance with the guidelines in the advisory since it is a critical flaw.

Read More…