Critical RCE flaw impacts VMware Aria Operations Networks

VMware fixed two security flaws in Aria Operations for Networks that could be exploited to bypass authentication and gain remote code execution.

VMware has released security updates to address two vulnerabilities in Aria Operations for Networks, respectively tracked as CVE-2023-34039 (CVSS score: 9.8) and CVE-2023-20890 (CVSS score: 7.2).

The vulnerability CVE-2023-34039 is an authentication bypass issue that is caused by the lack of unique cryptographic key generation.

“Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation.” reads the advisory published by the company. “A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.”

The vulnerability was discovered by Harsh Jaiswal and Rahul Maini at ProjectDiscovery Research.

The second CVE-2023-20890 vulnerability is an arbitrary file write issue that could be exploited by an attacker with administrative access to write files to arbitrary locations and potentially achieve remote code execution.

“An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution.” reads the advisory.

The flaw was reported by Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam).

The vulnerabilities impact Aria Operations Networks versions 6.2, 6.3, 6.4, 6.5.1, 6.6, 6.7, 6.8, 6.9, and 6.10, version 6.11.0 addresses both flaws.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, VMware)