VMware released patches on Tuesday for critical vulnerabilities in vRealize Log Insight, the product now known as Aria Operations for Logs. The flaws could expose users to remote code execution attacks.
Two of the vulnerabilities carry a severity rating of 9.8 out of a maximum of 10, VMware said in its first security bulletin of 2023. They are tracked as CVE-2022-31706 and CVE-2022-31704. The issues, a directory traversal flaw and a broken access control flaw, can be exploited by threat actors to achieve remote code execution, although the attack paths differ.
According to VMware, “An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.”
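The file-injection outcome VMware describes is typical of the directory traversal bug class: a client-supplied file name is joined onto a server-side base directory, and `../` segments or an absolute path let the write land outside it. The following is an added, generic illustration of that class and its standard mitigation; it is not VMware's code and says nothing about the actual Log Insight code path. The base directory and file names are constructed sample values.

```python
import os


def unsafe_target(base_dir: str, client_name: str) -> str:
    """Vulnerable pattern: client-controlled name joined onto base_dir.

    os.path.join neither normalizes '..' segments nor stops an absolute
    client_name from replacing base_dir entirely.
    """
    return os.path.join(base_dir, client_name)


def safe_target(base_dir: str, client_name: str) -> str:
    """Hardened pattern: normalize, then confine the result to base_dir.

    abspath collapses '..' and '.' segments lexically; commonpath then
    confirms the normalized candidate still sits under base_dir. This check
    is purely lexical: if base_dir can contain symlinks pointing elsewhere,
    apply os.path.realpath to both sides before comparing.
    """
    base = os.path.abspath(base_dir)
    candidate = os.path.abspath(os.path.join(base, client_name))
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"path escapes base directory: {client_name!r}")
    return candidate


def escapes_base(base_dir: str, client_name: str) -> bool:
    """True when the hardened check rejects client_name."""
    try:
        safe_target(base_dir, client_name)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample inputs: a hypothetical upload directory and three
    # client-supplied names, two of which try to leave it.
    base = "/srv/upload-root"
    for name in ("2023/app.log", "../../etc/cron.d/job", "/etc/passwd"):
        print(f"{name!r}: unsafe -> {unsafe_target(base, name)}, "
              f"rejected by safe_target -> {escapes_base(base, name)}")
```

The hardened variant rejects both the relative traversal and the absolute-path substitution while still accepting ordinary nested names; note the symlink caveat in the docstring.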
Separately, CVE-2022-31710 (CVSS score 7.5) can be weaponized by an unauthenticated attacker to trigger a denial-of-service (DoS) condition.
vRealize Log Insight is also affected by CVE-2022-31711 (CVSS score 5.3), an information disclosure bug that can permit access to sensitive session and application data without authentication.
All flaws were reported by the Zero Day Initiative (ZDI). VMware has released version 8.10.2 to address the issues, as well as workarounds to mitigate them.
No indication has been found that the aforementioned vulnerabilities have been exploited in the wild, but threat actors often target VMware appliances in their attacks, so it’s essential that the fixes are applied as soon as possible.