Critical flaw in VMware Aria Operations for Networks sees mass exploitation

Read Time:1 Minute, 6 Second

Researchers warn that a vulnerability patched this month in VMware Aria Operations for Networks, formerly known as vRealize Network Insight, is now seeing exploitation en masse. The flaw allows for remote code execution through command injection and is rated with critical severity.

“New data from Akamai shows the scale of active scanning for sites vulnerable to CVE-2023-20887 is much greater than originally reported,” researchers from Akamai told CSO via email. “There have been 695,072 total attacks thus far by 508 unique IP addresses. Akamai has also observed more than 27,000 of its customers’ sites being scanned.”

Not the only VMware Aria Operations flaw

VMware released patches for the CVE-2023-20887 vulnerability on June 7, along with fixes for two other flaws in Aria Operations for Networks, one of which is also critical and can lead to remote code execution. While CVE-2023-20887 is a command injection flaw, the second vulnerability, tracked as CVE-2023-20888, is a deserialization issue. In programming languages, serialization is the process of transforming data into a byte stream for transmission to another application and deserialization is the reverse of that process. Because deserialization routines involve the parsing and interpretation of user-controlled data, they have been the source of many vulnerabilities.

To read this article in full, please click here

Read More

CVE-2020-23065

Read Time:11 Second

Cross Site Scripting vulnerabiltiy in eZ Systems AS uZPublish Platform v.5.4 and eZ Publish Legacy v.5.4 allows a remote authenticated attacker to execute arbitrary code via the video-js.swf.swf.

Read More

Latest MOVEit exploit hits thousands of NYC school students and staff

Read Time:29 Second

Personal data of over 45,000 public school students was compromised in a breach involving the file-transfer software MOVEit, according to a community letter sent to families and staff by the New York City Department of Education.

“DOE used MOVEit to transfer documents and data internally as well as to and from vendors, including third party special education service providers,” the letter said.  

The breach is the latest expoit of a SQL injection vulnerability found in MOVEit Transfer, a widely used file transfer software by Progress Software.

To read this article in full, please click here

Read More