March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Advisory – CVE-2023-44483 – Apache Santuario Vulnerability
October 22, 2023
Rewterz Threat Advisory – CVE-2023-20273 – Cisco IOS XE Vulnerabilities Exploited in the Wild
October 23, 2023
Rewterz Threat Advisory – CVE-2023-44483 – Apache Santuario Vulnerability
October 22, 2023
Rewterz Threat Advisory – CVE-2023-20273 – Cisco IOS XE Vulnerabilities Exploited in the Wild
October 23, 2023
Severity
High
Analysis Summary
CVE-2023-34052 CVSS:8.1
VMware Aria Operations for Logs and Cloud Foundation could allow a remote attacker to bypass security restrictions, caused by an unsafe deserialization flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass authentication.
CVE-2023-34051 CVSS:8.1
VMware Aria Operations for Logs and Cloud Foundation could allow a remote attacker to execute arbitrary code on the system, caused by an authentication bypass flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-34046 CVSS:6.7
VMware Fusion could allow a local authenticated attacker to gain elevated privileges on the system, caused by a TOCTOU (Time-of-check Time-of-use) flaw during installation for the first time or when installing an upgrade. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges to root on the system.
CVE-2023-34045 CVSS:6.6
VMware Fusion could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw during installation for the first time or when installing an upgrade. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges to root on the system.
CVE-2023-34044 CVSS:7.1
VMware Workstation and Fusion could allow a local attacker to obtain sensitive information, caused by an out-of-bounds read flaw in the functionality for sharing host Bluetooth devices with the virtual machine. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
Impact
- Security Bypass
- Code Execution
- Privileges Escalation
- Information Theft
Indicators Of Compromise
CVE
- CVE-2023-34052
- CVE-2023-34051
- CVE-2023-34046
- CVE-2023-34045
- CVE-2023-34044
Affected Vendors
VMware
Affected Products
- VMware Cloud Foundation (VMware Aria Operations) 5
- VMware Cloud Foundation (VMware Aria Operations) 4
- VMware Aria Operations for Logs 8.0
- VMware Fusion 13
- VMware Workstation 17
Remediation
Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.