Threat Advisory

VMware discloses 3 high severity bugs in their network monitoring tool

June 9, 2023 | By Accorian

VMware, a provider of virtualization and cloud computing services, has released security upgrades to address three vulnerabilities in the Aria Operations for Networks weaknesses that might expose user information and allow remote code execution. The tool, named Aria, offers network visibility and analytics to speed micro-segmentation security, reduce risk during application migration, and enhance network performance. Versions 6.2, 6.3, 6.4, 6.5.1, 6.6, 6.7, 6.8, 6.9, and 6.10 are susceptible to the attacks.

CVE 2023-20887 is a command injection vulnerability with a CVSS severity score of 9.8, allowing an attacker to execute code remotely. The second, a 9.1 severity authentication deserialization flaw (CVE 2023-20888), permits remote code execution as well. A malicious actor may potentially execute remote code if they had network access to VMware Aria Operations for Networks and were an authorized member. The third vulnerability (CVE 2023-20889), rated 8.8, permits command injection attacks that could enable an attacker to get access to sensitive data.

According to a statement made by VMware, there is no proof that attackers have leveraged the vulnerabilities to carry out any attacks. All three vulnerabilities have been patched, and according to VMware, there are no additional workarounds at this time. Accorian recommends applying all the patches to protect their environment.


Threat Advisory Team 


Recent Post

Ready to Start?

Ready to Start?​

Drop your CVs to

Interested Position

Download Case study

Download SOC2 Guide