Now on Demand: Threat Detection and Incident Response (TDIR) Summit - All Sessions Available
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

VMware Patches Serious Flaws in vRealize Operations for Horizon Adapter

VMware has patched serious vulnerabilities, including remote code execution and authentication bypass issues, in vRealize Operations for Horizon Adapter.

VMware has patched serious vulnerabilities, including remote code execution and authentication bypass issues, in vRealize Operations for Horizon Adapter.

VMware vRealize Operations is designed to deliver operational insights in an effort to simplify and automate the management of applications and infrastructure across virtual, physical and cloud environments. Horizon Adapter instances created on vRealize Operations Manager nodes enable users to receive communications from Horizon agents installed on virtual machines.

An Trinh of the cyber security division at Viettel, Vietnam’s largest telecommunications service provider, discovered that vRealize Operations for Horizon Adapter is affected by three vulnerabilities.

SecurityWeek reached out to Trinh for more information on the vulnerabilities, but the researcher said he did not want to share any additional details at this time.

According to VMware, the most serious of the flaws, tracked as CVE-2020-3943 and classified as critical, can allow remote code execution. The vulnerability can be exploited by an unauthenticated attacker with network access to vRealize Operations, with the Horizon Adapter running.

“vRealize Operations for Horizon Adapter uses a JMX RMI service which is not securely configured,” VMware said in an advisory.

The second vulnerability, tracked as CVE-2020-3944 and rated high severity, allows an unauthenticated attacker with access to the network to bypass Adapter authentication. VMware has blamed the vulnerability on “an improper trust store configuration.”

The third security hole uncovered by Trinh is an information disclosure issue caused by “incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View.”

Advertisement. Scroll to continue reading.

According to VMware, which classified this vulnerability as medium severity, an unauthenticated attacker may be able to obtain sensitive information that they can leverage to bypass the Adapter’s authentication mechanism.

All vulnerabilities affect vRealize Operations for Horizon Adapter 6.6.x and 6.7.x on Windows, and they have been patched with the release of versions 6.6.1 and 6.7.1. No workarounds are available.

Related: Vulnerabilities Found in VMware Tools, Workspace ONE SDK

Related: VMware Patches ESXi Vulnerability That Earned Hacker $200,000

Related: VMware Patches Six Vulnerabilities in Various Products

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Wendy Zheng named as CFO and Joe Diamond as CMO at cyber asset management firm Axonius.

Intelligent document processing company ABBYY has hired Clayton C. Peddy as CISO.

Digital executive protection services provider BlackCloak has appointed Ryan Black as CISO.

More People On The Move

Expert Insights