Threat Advisories

A Critical Vulnerability uncovered in VMware Aria Operations for Networks

September 1, 2023

Threat Level

Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

Two vulnerabilities have been discovered in VMware Aria Operations for Networks (formerly vRealize Network Insight). The first vulnerability, CVE-2023-34039, is an authentication bypass that allows attackers to access the network CLI. The other vulnerability, CVE-2023-20890, enables remote code execution through arbitrary file write.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

Chinese Hacking Group Exploits Barracuda Zero-Day

Hive Pro Recognized in 2023 Gartner® Hype Cycle™ for Security Operations & Market Guide™ for Vulnerability Assessment