Proof-of-concept exploit code has been released for a critical SSH authentication bypass vulnerability in VMware’s Aria Operations for Networks analysis tool.
Today, VMware confirmed that CVE-2023-34039 exploit code has been published online, two days after disclosing the critical security bug.
The proof-of-concept exploit targets all Aria Operations for Networks versions from 6.0 to 6.10, and it was developed and released by Summoning Team vulnerability researcher Sina Kheirkhah.
In July, VMware warned customers that exploit code was released online for a critical RCE flaw in the VMware Aria Operations for Logs analysis tool, patched in April.
VMware Aria vulnerable to critical SSH authentication bypass flaw.
VMware warns of exploit available for critical vRealize RCE bug.