Black Arrow Cyber Advisory - 22 June 2023 – Critical RCE flaw in VMware exploited in the wild

22 Jun

An update from an advisory published on the 8th June 2023 by Black Arrow: https://www.blackarrowcyber.com/blog/advisory-08062023-barracuda-cisco-vmware-vulns

Executive summary

VMware has confirmed that exploitation of the critical rated CVE-2023-20887 has occurred in the wild. This vulnerability affects the VMware Aria Operations (formerly known as vRealize Network Insight) and allows a malicious actor with access to the network to perform remote code execution (RCE).

What’s the risk to me or my business?

The vulnerability, if exploited using command injection, could allow the attacker to have unrestricted access with root to compromise the confidentiality, integrity, and availability of data in your organisation.

Impacted versions include: VMware Aria Operations Networks version 6.x.

What can I do?

VMware have recommended applying patches which they have made available for the following versions: 6.2/6.3/6.4/6.5.1/6.6/6.7/6.8/6.9/6.10.

There are no workarounds for this vulnerability.

Further details on the VMware vulnerability can be found here: https://www.vmware.com/security/advisories/VMSA-2023-0012.html

Further details on the VMware patch can be found here: https://kb.vmware.com/s/article/92684

black arrowblack arrow threat advisorythreat advisoryblack arrow threat intelligencethreat intelligencevulnerabilityvulnerabilitiesexploitedactively exploitedvmware

Black Arrow Admin

Black Arrow Cyber Advisory - 22 June 2023 – Critical RCE flaw in VMware exploited in the wild

Black Arrow Cyber Advisory - 22 June 2023 – Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari

Black Arrow Cyber Threat Briefing 16 June 2023