New VMware Mistake Renders Updates Useless

Virtualization services provider VMware has issued a warning to its customers about a recently corrected vulnerability in its product ARIA Operations for Logs. The vulnerability, identified as CVE-2023-34051, allows unauthorized attackers to remotely execute code with a CVSS score of 8.1.

The discovery of this vulnerability was credited to security firms Horizon3.ai and the Randori Attack teams, who reported the issue. Horizon3.ai even released a proof of concept (POC) for the vulnerability, which prompted VMware to revise and update its notification.

What makes CVE-2023-34051 significant is that it serves as a bypass for a series of critical vulnerabilities that were previously patched by VMware in January. These vulnerabilities had the potential to expose users to remote code execution (RCE) attacks. The existence of this new vulnerability means that hackers have found a new way to exploit previously patched vulnerabilities.

The CVE-2023-34051 vulnerability allows attackers to bypass authentication and potentially other security mechanisms, enabling them to remotely execute code on affected systems. This poses a significant risk as cybercriminals can exploit this RCE vulnerability to inject malicious code into systems, regardless of whether users have applied the recommended updates for previous vulnerabilities.

/Reports, release notes, official announcements.