VMware vRealize vulnerabilities addressed

23 April 2023

BleepingComputer reports that VMware has issued a fix for two security flaws in its vRealize Log Insight, which has been renamed to VMware Aria Operations for Logs. Threat actors could exploit the critical deserialization vulnerability, tracked as CVE-2023-20864, to facilitate arbitrary code execution, while the other flaw, tracked as CVE-2023-20865, could be leveraged to allow arbitrary command execution as root for attackers with administrative privileges.

Read full article on SC Magazine

Date:

23 April 2023

Categorie(s):

NEWS

Tag(s):

IT, News, Virtualization, VMware, vRealize

Finnish online banking accounts subjected to Android malware attacks6 May 2024
New LockBit details to be divulged in reborn extortion site6 May 2024
Czechia, Germany targeted by long-term APT28 cyberespionage campaign6 May 2024
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices6 May 2024
What Palo Alto Networks and CrowdStrike Teach us About Using a Mobile Defense Platform6 May 2024