A couple of serious vulnerabilities patched recently by VMware in its vRealize Operations (vROps) product can pose a significant risk to organizations, according to a researcher involved in the discovery of the security bugs.
The vROps IT operations management product, specifically the vRealize Operations Manager API, is affected by a server-side request forgery (SSRF) vulnerability tracked as CVE-2021-21975, and an arbitrary file write issue tracked as CVE-2021-21983.
According to VMware, the SSRF flaw can allow an attacker with network access to the API to obtain administrative credentials. The second vulnerability allows an authenticated attacker to write files to arbitrary locations on the underlying Photon operating system.
VMware has credited Egor Dimitrenko, a researcher at cybersecurity firm Positive Technologies, for finding the vulnerabilities. Dimitrenko told SecurityWeek that an attacker can chain the vulnerabilities to remotely execute arbitrary code on a server.
The expert warned that in a real-world attack, the vulnerabilities can give threat actors “unlimited opportunities to carry out further attacks on a company’s infrastructure.”
VMware has patched the vulnerabilities in all impacted versions of vRealize Operation Manager, as well as in Cloud Foundation and vRealize Suite Lifecycle Manager. Based on their CVSS score, the vulnerabilities should have a severity rating of “high,” but the virtualization giant’s advisory lists them as “critical.”
It’s important that organizations using vROps patch these vulnerabilities as soon as possible as they could end up being exploited for malicious purposes.
In February, hackers started to scan the internet for VMware vCenter servers affected by a critical vulnerability that was also discovered by researchers at Positive Technologies. The scanning began just one day after VMware announced the availability of patches. However, in that case, PoC exploit code was quickly made available and it had been known that thousands of potentially vulnerable servers were directly accessible from the internet.
Related: VMware Patches Vulnerabilities Exploited at Chinese Hacking Contest
Related: Patch for Critical VMware ESXi Vulnerability Incomplete
Related: Vulnerability in VMware vSphere Replication Can Facilitate Attacks on Enterprises
Related: VMware Patches Remote Code Execution Vulnerability in View Planner
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Intel Boasts Attack Surface Reduction With New 13th Gen Core vPro Platform
- Dole Says Employee Information Compromised in Ransomware Attack
- High-Severity Vulnerabilities Found in WellinTech Industrial Data Historian
- CISA Expands Cybersecurity Committee, Updates Baseline Security Goals
- Exploitation of 55 Zero-Day Vulnerabilities Came to Light in 2022: Mandiant
- Organizations Notified of Remotely Exploitable Vulnerabilities in Aveva HMI, SCADA Products
- Waterfall Security, TXOne Networks Launch New OT Security Appliances
- Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm
Latest News
- Intel Co-founder, Philanthropist Gordon Moore Dies at 94
- Google Leads $16 Million Investment in Dope.security
- US Charges 20-Year-Old Head of Hacker Site BreachForums
- Tesla Hacked Twice at Pwn2Own Exploit Contest
- CISA Ships ‘Untitled Goose Tool’ to Hunt for Microsoft Azure Cloud Infections
- Critical WooCommerce Payments Vulnerability Leads to Site Takeover
- PoC Exploit Published for Just-Patched Veeam Data Backup Solution Flaw
- CISA Gets Proactive With New Pre-Ransomware Alerts
