Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Critical VMware Bug Exploit Code Released Into the Wild
The exploit code was brought to VMware's attention by an anonymous researcher, in tandem with the Trend Micro Zero Day Initiative.
1 Min Read
Source: Elena11 via Shutterstock
A critical security vulnerability in the VMware Aria Operations for Logs analysis tool for cloud management — known as CVE-202-20864 — now has an exploit available that allows threat actors to run arbitrary code as root, no user interaction necessary.
The flaw was originally patched in April, along with several security updates for less severe vulnerabilities. Now, VMware asserts that waiting any longer to apply the fixes to VMware software should be a nonstarter.
It is strongly advised that users apply the patches to this vulnerability to prepare for any incoming attacks should they arise, especially given that VMware is one of cyberattackers' favorite targets when it comes to the cloud.
"To remediate CVE-2023-20864 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below," VMware stated in its advisory regarding the issue.
About the Author(s)
You May Also Like
More Insights
Webinars
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Events
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024
