Last week, researchers from Horizon3’s Attack Team announced the release of PoC exploit code for remote code execution in VMware vRealize Log tracked as CVE-2022-31706 (CVSS base 9.8/10).

The PoC exploit code will trigger a series of flaws in VMware vRealize Log to achieve remote code execution on vulnerable installs.

VMware Aria Operations for Logs (formerly vRealize Log Insight) is a log collection and analytics virtual appliance that enables administrators to collect, view, manage and analyze syslog data. Log Insight provides real-time monitoring of application logs, network traces, configuration files, messages and performance data.