AI Security AI安全 1d ago Updated 21h ago 更新于 21小时前 42

7 Severe Vulnerabilities Patched in VMware Avi Load Balancer VMware Avi负载均衡器修复7个严重漏洞

Broadcom released updates for VMware Avi Load Balancer to patch seven critical and high-severity vulnerabilities discovered by external researchers. The most severe flaw, CVE-2026-47865, is a critical authentication bypass allowing network-based attackers to breach the Avi control plane. Additional vulnerabilities include remote code execution, privilege escalation, and directory traversal attacks, primarily affecting authenticated users or those with network access. No in-the-wild exploitation Broadcom发布VMware Avi Load Balancer更新,修复了7个由外部研究人员发现的严重及高危漏洞。 关键漏洞包括CVE-2026-47865(关键级认证绕过)及多个允许任意代码执行和权限提升的高危漏洞。 漏洞发现者Filip Waeytens和Lang Khuong Duy因负责任披露获得Broadcom认可。 尽管目前尚无野外利用报告,但鉴于VMware产品常被攻击者针对,建议立即安装补丁。

65
Hot 热度
60
Quality 质量
55
Impact 影响力

Analysis 深度分析

TL;DR

  • Broadcom released updates for VMware Avi Load Balancer to patch seven critical and high-severity vulnerabilities discovered by external researchers.
  • The most severe flaw, CVE-2026-47865, is a critical authentication bypass allowing network-based attackers to breach the Avi control plane.
  • Additional vulnerabilities include remote code execution, privilege escalation, and directory traversal attacks, primarily affecting authenticated users or those with network access.
  • No in-the-wild exploitation has been reported, but immediate patching is recommended due to the high risk associated with VMware product flaws.

Why It Matters

This update is critical for organizations relying on VMware Avi Load Balancer for hybrid and multi-cloud environments, as the patched vulnerabilities could lead to full system compromise. Security teams must prioritize applying these patches to prevent potential breaches, especially given the history of VMware products being targeted by threat actors.

Technical Details

  • CVE-2026-47865: A critical authentication bypass vulnerability discovered by Filip Waeytens, allowing attackers with network access to breach the Avi control plane.
  • CVE-2026-47866, 47867, 47868: High-severity flaws identified by Waeytens enabling authentication bypass, arbitrary code execution, and root privilege escalation, requiring network or local access.
  • CVE-2026-47870, 47871: High-severity bugs found by Lang Khuong Duy facilitating privilege escalation and directory traversal attacks.
  • CVE-2026-47869: A high-severity remote code execution vulnerability jointly reported by both researchers, exploitable by authenticated attackers with network access.

Industry Insight

Organizations should immediately verify their VMware Avi Load Balancer versions and apply the latest security patches to mitigate the risk of control plane breaches. Security monitoring should be enhanced to detect any anomalous authentication attempts or privilege escalation activities, even though no in-the-wild exploits have been confirmed yet.

TL;DR

  • Broadcom发布VMware Avi Load Balancer更新,修复了7个由外部研究人员发现的严重及高危漏洞。
  • 关键漏洞包括CVE-2026-47865(关键级认证绕过)及多个允许任意代码执行和权限提升的高危漏洞。
  • 漏洞发现者Filip Waeytens和Lang Khuong Duy因负责任披露获得Broadcom认可。
  • 尽管目前尚无野外利用报告,但鉴于VMware产品常被攻击者针对,建议立即安装补丁。

为什么值得看

对于使用混合云或多云环境的IT安全团队而言,此次更新至关重要,因为Avi Load Balancer作为核心基础设施组件,其漏洞可能导致整个控制平面被接管。关注此动态有助于企业及时修补身份验证和权限管理缺陷,防止潜在的数据泄露或服务中断。

技术解析

  • 漏洞概况:共修复7个漏洞,其中1个关键级(Critical),6个高危级(High)。涉及认证绕过、任意代码执行、目录遍历和权限提升等攻击向量。
  • 关键漏洞详情:CVE-2026-47865允许具有网络访问权限的攻击者绕过认证并入侵Avi控制平面;其他高危漏洞如CVE-2026-47866/67/68可导致特权提升至root级别。
  • 责任披露:NATO技术网络中心的Filip Waeytens发现了5个漏洞,Viettel IDC的Lang Khuong Duy发现了2个漏洞,两人共同报告了一个远程代码执行漏洞(CVE-2026-47869)。
  • 实施要求:所有漏洞利用均需网络或本地访问权限,目前未检测到野外利用,但需强制升级软件以消除风险。

行业启示

  • 供应链安全常态化:大型厂商(如Broadcom/VMware)的产品漏洞往往影响广泛,企业需建立自动化的补丁管理流程,而非依赖手动更新。
  • 重视外部研究员贡献:与独立安全研究人员和机构合作进行负责任披露,能有效缩短漏洞从发现到修复的时间窗口,降低被恶意利用的风险。
  • 零信任架构必要性:鉴于认证绕过和权限提升漏洞的存在,强化网络分段和最小权限原则是防御此类底层基础设施漏洞的关键策略。

Disclaimer: The above content is generated by AI and is for reference only. 免责声明:以上内容由 AI 生成,仅供参考。

Security 安全