Black Arrow Cyber Advisory - 22 June 2023 – Critical RCE flaw in VMware exploited in the wild
An update from an advisory published on the 8th June 2023 by Black Arrow: https://www.blackarrowcyber.com/blog/advisory-08062023-barracuda-cisco-vmware-vulns
Executive summary
VMware has confirmed that exploitation of the critical rated CVE-2023-20887 has occurred in the wild. This vulnerability affects the VMware Aria Operations (formerly known as vRealize Network Insight) and allows a malicious actor with access to the network to perform remote code execution (RCE).
What’s the risk to me or my business?
The vulnerability, if exploited using command injection, could allow the attacker to have unrestricted access with root to compromise the confidentiality, integrity, and availability of data in your organisation.
Impacted versions include: VMware Aria Operations Networks version 6.x.
What can I do?
VMware have recommended applying patches which they have made available for the following versions: 6.2/6.3/6.4/6.5.1/6.6/6.7/6.8/6.9/6.10.
There are no workarounds for this vulnerability.
Further details on the VMware vulnerability can be found here: https://www.vmware.com/security/advisories/VMSA-2023-0012.html
Further details on the VMware patch can be found here: https://kb.vmware.com/s/article/92684