VMware patches critical vRealize Operations flaws that could lead to RCE

Read the original article: VMware patches critical vRealize Operations flaws that could lead to RCE

Two vulnerabilities (CVE-2021-21975, CVE-2021-21983) recently patched by VMware in its vRealize Operations platform can be chained together to achieve unauthenticated remote code execution (RCE) on the underlying operating system, Positive Technologies researchers have found. There is no PoC currently available and no mention of the vulnerabilities being exploited in the wild. Nevertheless, administrators are advised to implement provided security patches or temporary workarounds as soon as possible. VMware vRealize Operations vulnerabilities could lead to RCE … More →

The post VMware patches critical vRealize Operations flaws that could lead to RCE appeared first on Help Net Security.

Become a supporter of IT Security News and help us remove the ads.