Command Summoning Team Presents POC-Code for Critical Vulnerability in VMware ARIA Operations for Networks
Summoning Team recently discovered and eliminated a critical vulnerability in VMware ARIA Operations for Networks, previously known as Vrealize Network Insight. They presented a Proof of Concept (POC) code as evidence of the concept.
The vulnerability, known as CVE-2023-34039 (CVSS: 9.8), is described as a bypass of authentication due to the lack of generation of a unique cryptographic key. It allows an attacker with network access to Aria Operations for Networks to bypass SSH authentication and gain access to the CLI system. More information about this vulnerability can be found here.
According to Summoning Team, the vulnerability is caused by a bash script containing the “Refresh_SSH_KEYS()” method. This method is responsible for rewriting the current SSH-keypacks for Support and Ubuntu users in the “Authorized_keys” file. Although SSH authentication works, new keys are not generated. In versions from 6.0 to 6.10, the keys were rigidly set.
VMware Addresses Additional Vulnerability CVE-2023-20890
In addition to the above vulnerability, VMware has also addressed the vulnerability CVE-2023-20890. This vulnerability allows an attacker with administrative access to write files to arbitrary places and execute remote code. It means that a hacker could exploit the Proof of Concept (POC) to obtain administrative access and carry out arbitrary code execution. More information about this vulnerability can be found here.
In June, VMware reported that cybercriminals were actively exploiting the critical vulnerability in ARIA Operations for Networks. The vulnerability, known as CVE-2023-20887, enables an attacker with network access to perform a Command Injection attack and execute remote code on a