Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept (PoC) exploit for a recently patched security flaw in Aria Operations for Logs.
Tracked as CVE-2023-34051 (CVSS score: 8.1), the high-severity vulnerability relates to a case of authentication bypass that could lead to remote code execution.
"An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution," VMware noted in an advisory on October 19, 2023.
James Horseman from Horizon3.ai and the Randori Attack Team have been credited with discovering and reporting the flaw.
Horizon3.ai has since made available a PoC for the vulnerability, prompting VMware to revise its advisory this week.
It's worth noting that CVE-2023-34051 is a patch bypass for a set of critical flaws that were addressed by VMware earlier this January and that could expose users to remote code execution attacks.
"This patch bypass would not be very difficult for an attacker to find," Horseman said. "This attack highlights the importance of defense in depth. A defender can't always trust that an official patch fully mitigates a vulnerability."
The disclosure comes as Citrix released an advisory of its own, urging customers to apply fixes for CVE-2023-4966 (CVSS score: 9.4), a critical security vulnerability affecting NetScaler ADC and NetScaler Gateway that has come under active exploitation in the wild.
"We now have reports of incidents consistent with session hijacking, and have received credible reports of targeted attacks exploiting this vulnerability," the company said this week, corroborating a report from Google-owned Mandiant.
The exploitation efforts are also likely to ramp up in the coming days given the availability of a PoC exploit, dubbed Citrix Bleed.
"Here we saw an interesting example of a vulnerability caused by not fully understanding snprintf," Assetnote researcher Dylan Pindur said.
"Even though snprintf is recommended as the secure version of sprintf, it is still important to be careful. A buffer overflow was avoided by using snprintf, but the subsequent buffer over-read was still an issue."
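The snprintf pitfall Pindur describes, shown as an added illustration in constructed C (not NetScaler or Assetnote code): snprintf truncates the write so the buffer cannot overflow, but its return value is the length the full output would have had, so a caller that treats that number as "bytes in the buffer" reads past the end. The hardened variant clamps to what was actually stored; BUF_SIZE, the format string and the sample input are all assumptions for the demo.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Constructed sizes/inputs for the demo, not values from the advisory. */
#define BUF_SIZE 32
#define LONG_NAME "aaaaaaaaaa" "aaaaaaaaaa" "aaaaaaaaaa" "aaaaaaaaaa" /* 40 bytes */

/* Buggy pattern: snprintf() writes at most BUF_SIZE-1 bytes plus NUL, so
 * there is no overflow, but it returns the length the output WOULD have
 * had. Returning that as "bytes now in out" sets up an over-read when the
 * caller later copies or sends that many bytes. */
size_t format_unsafe(char *out, const char *name)
{
    int n = snprintf(out, BUF_SIZE, "user=%s", name);
    return (size_t)n;               /* may exceed BUF_SIZE - 1 */
}

/* Hardened pattern: treat a negative result as an error and clamp a
 * truncated result to the bytes that actually exist in the buffer. */
size_t format_safe(char *out, const char *name)
{
    int n = snprintf(out, BUF_SIZE, "user=%s", name);
    if (n < 0)
        return 0;                   /* encoding error: nothing usable */
    if ((size_t)n >= BUF_SIZE)
        return BUF_SIZE - 1;        /* truncated: only this many bytes stored */
    return (size_t)n;
}

/* 1 if using claimed_len as the buffer's content length would over-read. */
int would_over_read(size_t claimed_len)
{
    return claimed_len > BUF_SIZE - 1;
}

int main(void)
{
    char buf[BUF_SIZE];
    size_t bad  = format_unsafe(buf, LONG_NAME);
    size_t good = format_safe(buf, LONG_NAME);
    printf("unsafe length %zu, over-read=%d\n", bad, would_over_read(bad));
    printf("safe   length %zu, over-read=%d\n", good, would_over_read(good));
    return 0;
}
```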
The active exploitation of CVE-2023-4966 has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add it to the Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies in the U.S. to apply the latest patches by November 8, 2023.
The latest developments also follow the release of updates for three critical remote code execution vulnerabilities in SolarWinds Access Rights Manager (CVE-2023-35182, CVE-2023-35185, and CVE-2023-35187, CVSS scores: 9.8) that remote attackers could use to run code with SYSTEM privileges.