Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Exploit Code Published for Remote Root Flaw in VMware Logging Software

VMware confirmed that exploit code for CVE-2023-20864 has been published, underscoring the urgency for enterprise network admins to apply available patches.

Virtualization technology giant VMware on Monday warned that exploit code has been publicly released for a pre-authentication remote code execution flaw in its enterprise-facing VMware Aria Operations for Logs product.

In an update to a critical-level advisory originally released in April this year, VMware said it has confirmed that exploit code for CVE-2023-20864 has been published, underscoring the urgency for enterprise network admins to apply available patches.

The vulnerability, which carries a CVSS severity score of 9.8 out of 10, allows an unauthenticated, malicious actor with network access to VMware Aria Operations to execute arbitrary code as root, VMware said in its documentation of the CVE-2023-20864 flaw.

VMware Aria Operations for Logs, (formerly vRealize Log Insight), is a centralized log management tool that promises operational visibility and analytics for troubleshooting and auditing data flowing through private, hybrid and multi-cloud environments.

VMware’s security troubles with the vRealize Logging product line are well known. The company has patched several high-severity issues in the past and confirmed the release of exploit code targeting known software bugs.

The VMWare vRealize product has also been featured in the CISA KEV (Known Exploited Vulnerabilities) must-patch catalog.

Advertisement. Scroll to continue reading.

Related: VMware Patches Pre-Auth Code Execution Flaw

Related: VMware Fixes VM Escape Flaw Exploited at Geekpwn

Related: VMware Confirms Exploit Code for Critical vRealize Flaws

Related: VMware Plugs High-Severity Bugs in vRealize Operations

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

Mark Carter has been appointed Chief Information Security Officer at Socure.

Spektrum Labs has named Mark Cravotta Chief Operating Officer.

More People On The Move

Expert Insights

Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.