CISA flags VMware Aria Operations RCE flaw as exploited in attacks
Summary
CISA has added a critical remote code execution (RCE) vulnerability in VMware Aria Operations, identified as CVE-2023-20877, to its Known Exploited Vulnerabilities (KEV) catalog. This means the flaw has already been observed being actively exploited in the wild. Organizations using VMware Aria Operations are strongly urged to patch this vulnerability to prevent further exploitation.
IFF Assessment
The vulnerability is being actively exploited, indicating a direct and present threat to organizations running the affected software.
Severity
Defender Context
This RCE vulnerability in VMware Aria Operations presents a significant risk given its active exploitation and high CVSS score. Defenders must prioritize patching this flaw and monitor for any signs of compromise. Organizations should also review their security configurations for VMware products to ensure robust defenses against similar threats.