Critical Authentication Bypass Vulnerability in VMware Aria Operations for Networks: CVE-2023-34039

Share :

On Tuesday, August 29, 2023, VMware disclosed a critical authentication bypass vulnerability (CVE-2023-34039) in VMware Aria Operations for Networks–formerly known as vRealize Network Insight–that could result in a threat actor gaining access to the Aria Operations for Networks CLI by bypassing SSH authentication.  

The vulnerability was responsibly disclosed to VMware and has not been actively exploited in campaigns. Furthermore, we have not identified a public proof of concept (PoC) exploit for CVE-2023-34039. However, threat actors have historically leveraged a VMware Aria Operations for Networks command injection vulnerability (CVE-2023-20887) to obtain remote code execution, according to CISA’s Known Exploited Vulnerabilities Catalog.  

In addition to CVE-2023-34039, VMware disclosed one other vulnerability that impacts the same VMware Aria Operations for Networks version.  

  • CVE-2023-20890 (CVSS 7.2): Arbitrary File Write Vulnerability 
VMware Aria Operations for Network 
Affected Versions  Fixed Version 
6.x  6.11 (KB94152) 
6.2.0  Build number: 1688977536 
6.3.0  Build number: 1688986302 
6.4.0  Build number: 1689079386 
6.5.1  Build number: 1688974096 
6.6.0  Build number: 1688979729 
6.7.0  Build number: 1688972173 
6.8.0  Build number: 1688989059 
6.9.0  Build number: 1688995771 
6.10.0  Build number: 1692934256 


CVE-2023-34039 Recommendation: Upgrade VMware Aria Operations for Networks to 6.11 or a Fixed Build Number 

Arctic Wolf strongly recommends upgrading VMware Aria Operations for Networks to 6.11 or a fixed build number to prevent potential exploitation.  

The upgrade package can be found in VMware’s Customer Connect portal here:  

Please follow your organizations patching and testing guidelines to avoid operational impact. 


Picture of Steven Campbell

Steven Campbell

Steven Campbell is a Senior Threat Intelligence Researcher at Arctic Wolf Labs and has more than eight years of experience in intelligence analysis and security research. He has a strong background in infrastructure analysis and adversary tradecraft.
Share :
Table of Contents
Subscribe to our Monthly Newsletter