Warning: Poc released for Critical vulnerability in the VMware Aria Operations for Logs analysis tool, Patch Immediately!
CVE-2023-20864 / 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
VMware Aria is an unified management solution for cloud native applications and multi-cloud environments.
An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
The vulnerability has a HIGH impact on Confidentiality, Integrity, and Availability. Authentication, and user interaction are not required to exploit this vulnerability.
Exploit code for this vulnerability is now publicly available, this increases the risk on imminent exploitation.
CVE-2023-20864: Deserialization vulnerability
VMware Aria Operations for Logs contains a deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Logs can execute arbitrary code as the ROOT user on vulnerable systems.
The Centre for Cyber Security Belgium strongly recommends system administrators to visit VMWare’s Customer Portal to download and install the patched versions of this software.