VMware Addresses Critical Security Flaws in Logging Product

April 20, 2023

VMware, a virtualization technology giant, is facing significant security issues in its enterprise-facing log analysis product. The company released urgent patches on Thursday to address critical security flaws in the VMware Aria Operations for Logs (previously known as vRealize Log Insight) product line. The company has warned businesses about the risk of pre-authentication remote root exploits.

A critical-level advisory from VMware details two separate vulnerabilities — CVE-2023-20864 and CVE-2023-20865 — in the VMware Aria Operations for Logs suite. The advisory also provides guidance to help organizations mitigate these issues. The CVE-2023-20864 vulnerability allows an unauthenticated, malicious actor with network access to VMware Aria Operations for Logs to execute arbitrary code as root. This flaw has a CVSS severity score of 9.8 out of 10.

The second vulnerability, CVE-2023-20865, is a command injection issue with a CVSS score of 7.2 out of 10. The advisory states, “A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root.”

VMware's security issues with the vRealize Logging product line are well documented: the company has patched several high-severity issues in the past and confirmed the release of exploit code targeting known software bugs. The VMware vRealize product has been featured in the CISA KEV (Known Exploited Vulnerabilities) must-patch catalog.

VMware has previously patched VM escape flaws exploited at the Geekpwn event and confirmed the release of exploit code for critical vRealize Logging flaws. The company has also addressed high-severity vulnerabilities in the vRealize Operations product line. As organizations continue to face cybersecurity challenges, it is crucial to stay informed and apply necessary patches to protect against potential threats.
