CVE-2023-20887: VMware Aria Operations for Networks Command Injection
On June 7, VMware published an advisory (VMSA-2023-0012.1) to address three vulnerabilities in VMware Aria Operations for Networks, formerly known as vRealize Network Insight (vRNI), a solution for building secure network infrastructure in hybrid and multi-cloud environments. Two of the vulnerabilities disclosed in this advisory are rated as critical. Of these critical vulnerabilities, CVE-2023-20887 is the most concerning due to the availability of public proof-of-concept (PoC) code.
CVE-2023-20887 is a command injection vulnerability in VMware Aria Operations for Networks that can be leveraged to achieve remote code execution (RCE). A detailed writeup and PoC code for CVE-2023-20887 were released by the researcher credited with the discovery of two of the three vulnerabilities. As the blog post points out, another anonymous researcher reported the flaw to ZDI first, and VMware’s advisory attributed CVE-2023-20887 to “Anonymous” working with ZDI.
For more information about this vulnerability and the additional vulnerabilities patched by VMware, including the availability of patches and Tenable product coverage, please visit our blog.