CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being exploited in the wild. There are no workarounds to mitigate the risk of exploitation – enterprise admins are advised to upgrade their deployments with patches. CVE-2023-20887 exploited CVE-2023-20887 is one of three vulnerabilities recently discovered by Sina Kheirkhah of Summoning Team and an anonymous researcher and privately reported to VMware. “A malicious actor with network … More
The post VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887) appeared first on Help Net Security.