Critical Vulnerability Alert: VMware Aria Operations Networks at Risk from Remote Attacks

News

Aug 30, 2023THNVulnerability / Network Security

VMware has released software updates to correct two security vulnerabilities in Aria Operations for Networks that could be potentially exploited to bypass authentication and gain remote code execution.

The most severe of the flaws is CVE-2023-34039 (CVSS score: 9.8), which relates to a case of authentication bypass arising as a result of a lack of unique cryptographic key generation.

“A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI,” the company said in an advisory.

ProjectDiscovery researchers Harsh Jaiswal and Rahul Maini have been credited with discovering and reporting the issue.

Cybersecurity

The second weakness, CVE-2023-20890 (CVSS score: 7.2), is an arbitrary file write vulnerability impacting Aria Operations for Networks that could be abused by an adversary with administrative access to write files to arbitrary locations and achieve remote code execution.

Credited with reporting the bug is Sina Kheirkhah of Summoning Team, who previously uncovered multiple flaws in the same product, including CVE-2023-20887, which came under active exploitation in the wild in June 2023.

The vulnerabilities, which affect VMware Aria Operations Networks versions 6.2, 6.3, 6.4, 6.5.1, 6.6, 6.7, 6.8, 6.9, and 6.10, have been addressed in a series of patches released by VMware for each of the versions.

The virtualization services provider said that version 6.11.0 comes with fixes for the two flaws.

With security issues in VMware becoming a lucrative target for threat actors in the past, it’s imperative that users move quickly to update to the latest version to safeguard against potential threats.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Products You May Like

Articles You May Like

Infostealers Dominate as Lumma Stealer Detections Soar by Almost 400%
Ruijie Networks’ Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks
North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign
16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft
US and Japan Blame North Korea for $308m Crypto Heist

Leave a Reply

Your email address will not be published. Required fields are marked *