VMware has released software updates to correct two security vulnerabilities in Aria Operations for Networks that could potentially be exploited to bypass authentication and gain remote code execution.
The most severe of the issues is CVE-2023-34039 (CVSS score: 9.8), an authentication bypass arising from a lack of unique cryptographic key generation.
“A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI,” the company said in an advisory.
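The flaw above stems from SSH key material that is not generated uniquely per installation. A defender-side check that follows from this is to collect the SSH public keys presented by every appliance in a fleet and flag any key that appears on more than one host, since a key that should be unique per install but is shared across instances is exactly the condition the advisory describes. The script below is an added example and is not VMware's code or part of the advisory; it parses lines in the format `ssh-keyscan` prints (`host keytype base64blob`), computes OpenSSH-style SHA256 fingerprints, and reports keys shared by multiple hosts. The hostnames and key bytes are constructed for the example, and the assumption that a duplicated host key is the indicator to look for is the author's, not something the article states.

```python
import base64
import hashlib
import struct
from collections import defaultdict


def build_ed25519_blob(public_key: bytes) -> bytes:
    """Encode an ssh-ed25519 public key in the OpenSSH wire format
    (RFC 4253 strings: uint32 big-endian length followed by the bytes)."""
    if len(public_key) != 32:
        raise ValueError("ed25519 public keys are 32 bytes")
    parts = [b"ssh-ed25519", public_key]
    return b"".join(struct.pack(">I", len(p)) + p for p in parts)


def openssh_fingerprint(blob: bytes) -> str:
    """SHA256 fingerprint in the form `ssh-keygen -l` prints: base64, no padding."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_keyscan(text: str):
    """Parse `ssh-keyscan` style output into (host, keytype, raw_blob) tuples.
    Blank lines and '#' comment lines (which ssh-keyscan emits) are skipped."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 3:
            continue  # malformed line; ignore rather than crash the sweep
        host, keytype, b64 = fields[0], fields[1], fields[2]
        records.append((host, keytype, base64.b64decode(b64)))
    return records


def find_shared_keys(records):
    """Group hosts by key fingerprint and return {fingerprint: [hosts]} for
    every key that was observed on more than one distinct host."""
    hosts_by_fp = defaultdict(set)
    for host, _keytype, blob in records:
        hosts_by_fp[openssh_fingerprint(blob)].add(host)
    return {fp: sorted(hosts) for fp, hosts in hosts_by_fp.items() if len(hosts) > 1}


# Constructed sample key material (hypothetical; not real appliance keys).
SHARED_KEY = bytes([0x11]) * 32  # simulates a key baked into the image, present on two appliances
UNIQUE_KEY = bytes([0x22]) * 32  # simulates a key generated on first boot, present on one appliance


def sample_keyscan_output() -> str:
    """Build constructed ssh-keyscan output for three hypothetical appliances."""
    rows = [
        ("appliance-a.example.test", SHARED_KEY),
        ("appliance-b.example.test", SHARED_KEY),
        ("appliance-c.example.test", UNIQUE_KEY),
    ]
    lines = ["# constructed sample, format matches `ssh-keyscan -t ed25519 <hosts>`"]
    for host, key in rows:
        b64 = base64.b64encode(build_ed25519_blob(key)).decode()
        lines.append(f"{host} ssh-ed25519 {b64}")
    return "\n".join(lines)


if __name__ == "__main__":
    shared = find_shared_keys(parse_keyscan(sample_keyscan_output()))
    if not shared:
        print("no SSH key is shared between hosts")
    for fp, hosts in shared.items():
        print(f"{fp} is presented by {len(hosts)} hosts: {', '.join(hosts)}")
```

In production the input would come from `ssh-keyscan` run against the appliance inventory (or from the `authorized_keys` files gathered by a configuration audit); any fingerprint that maps to more than one host is worth investigating, and after upgrading to a fixed version the same sweep confirms that every appliance now presents its own key.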
ProjectDiscovery researchers Harsh Jaiswal and Rahul Maini have been credited with discovering and reporting the issue.
The second weakness, CVE-2023-20890 (CVSS score: 7.2), is an arbitrary file write vulnerability in Aria Operations for Networks that could be abused by an adversary with administrative access to write files to arbitrary locations and achieve remote code execution.
Credited with reporting the bug is Sina Kheirkhah of Summoning Team, who previously uncovered several flaws in the same product, including CVE-2023-20887, which came under active exploitation in the wild in June 2023.
The vulnerabilities, which affect VMware Aria Operations for Networks versions 6.2, 6.3, 6.4, 6.5.1, 6.6, 6.7, 6.8, 6.9, and 6.10, have been addressed in a series of patches released by VMware for each of the versions.
The virtualization services provider said that version 6.11.0 comes with fixes for the two flaws.
Given that security issues in VMware products have emerged as a lucrative target for threat actors in the past, it is essential that users move quickly to update to the latest version to safeguard against potential threats.