Alert! Critical Vulnerability in VMware’s Aria Operations Networks Exploited by Hackers
VMware’s Aria Operations Networks is a software-defined networking (SDN) solution offered by VMware, a prominent technology company specializing in virtualization and cloud computing. Aria improves network agility, efficiency, and security within data centers.
VMware’s Aria Operations Networks recently discovered a serious problem in Aria Operations for Networks (previously called vRealize Network Insight). They found a vulnerability that could let bad actors attack the system and take control of it remotely.
This issue, identified as CVE-2023-20887, is a critical command injection flaw. It means that if someone with network access to the product exploits this vulnerability, they can inject harmful commands and run code on the system without permission.
It is important to be aware of this because hackers are actively exploiting the vulnerability in the real world, using it to attack systems right now.
To ensure security, it is crucial to stay up to date.
To stay safe, it’s crucial to keep your Aria Operations for Networks software up to date with the latest patches and security fixes. By doing so, you can protect yourself from this dangerous vulnerability and prevent any unauthorized code execution.
The company VMware has officially confirmed that the vulnerability known as CVE-2023-20887 has been actively exploited in real-world situations.
The threat intelligence firm GreyNoise gathered data showing that hackers are actively exploiting the vulnerability, known as CVE-2023-20887, from two IP addresses in the Netherlands. Researcher Sina Kheirkhah from the Summoning Team initially identified and reported the flaw. Kheirkhah explained that the vulnerability consists of two problems that, when combined, allow attackers without authentication to execute code remotely,report said.
The rapid exploitation of newly discovered vulnerabilities by state actors or financially motivated groups remains a significant threat to organizations worldwide. Mandiant’s report exposed active exploitation of VMware Tools vulnerability (CVE-2023-20867) by UNC3886, a suspected Chinese actor, to implant backdoors in Windows and Linux hosts.
For enhanced security, it is highly recommended that users of Aria Operations for Networks update to the most recent version without delay in order to minimize any potential risks,for more..