
VMware has reported that a recently patched critical command injection vulnerability in Aria Operations for Networks (formerly vRealize Network Insight) is being exploited in the wild.
The flaw is tracked as CVE-2023-20887: a malicious actor with network access to the product may be able to perform a command injection attack, resulting in remote code execution.
This affects VMware Aria Operations for Networks version 6.x, and a fix was released in versions 6.2, 6.3, 6.4, 6.5.1, 6.6, 6.7, 6.8, 6.9, and 6.10 on June 7, 2023.
According to an update shared by the virtualization service provider on June 20th, this flaw has been weaponized in real-world attacks, though the exact details are still unknown.

“VMware has confirmed that CVE-2023-20887 is being exploited in the wild,” the company said.
Data collected by threat intelligence firm GreyNoise shows that this flaw is being actively exploited from two different IP addresses located in the Netherlands.

This development came after Summoning Team researcher Sina Kheirkhah, who identified and reported the flaw, released a proof-of-concept (PoC) exploit for the bug.
“This vulnerability consists of a chain of two issues leading to remote code execution (RCE) that can be exploited by an unauthenticated attacker,” Kheirkhah said.
If anything, the speed with which state actors and financially motivated groups are able to turn around newly discovered vulnerabilities and exploit them for their own benefit continues to pose a major threat to organizations around the world.
This disclosure also follows a report by Mandiant that found another flaw in VMware Tools (CVE-2023-20867) being actively exploited by a Chinese actor dubbed UNC3886 to backdoor Windows and Linux hosts.
Aria Operations for Networks users are encouraged to update to the latest version as soon as possible to reduce potential risks.