Blog | G5 Cyber Security

VMware patches critical vRealize Operations flaws that could lead to RCE

Vulnerabilities can be chained together to achieve unauthenticated remote code execution (RCE) on the underlying operating system. No PoC currently available and no mention of the vulnerabilities being exploited in the wild. Administrators advised to implement provided security patches or temporary workarounds as soon as possible. The vulnerabilities are present in vRealize Operations Manager 7.5.0, 8.1.0.1, and 8.3.0. Security updates are available and so are workaroys, which don’t have an impact on the system’s functionality.

Source: https://www.helpnetsecurity.com/2021/04/01/vmware-vrealize-operations-rce/

Exit mobile version