## https://sploitus.com/exploit?id=SAINT:A46144C15AAE6CFF6670C3DCA0F8458C
Added: 09/06/2023
### Background
SSH Private keys are used for authentication for many devices. Devices shipped with a default, static key are vulnerable to compromise if the public discovers the key. The private key can be re-used by an attacker to gain remote, privileged access to the device.
### Problem
Default SSH keys in VMware Aria Operations for Networks could allow a remote attacker with knowledge of the private key to gain access as the support user.
### Resolution
Apply the fix referenced in [VMSA-2023-0018](<https://www.vmware.com/security/advisories/VMSA-2023-0018.html>).
### References
<https://www.vmware.com/security/advisories/VMSA-2023-0018.html>
<https://summoning.team/blog/vmware-vrealize-network-insight-rce-cve-2023-34039/>
### Platforms
Linux
Unix