April 1, 2021 VMware patches critical vRealize Operations flaws that could lead to RCE Two vulnerabilities (CVE-2021-21975, CVE-2021-21983) recently patched by VMware in its vRealize Operations platform can be chained together to achieve unauthenticated remote code execution (RCE) on the underlying operating system, Positive Technologies researchers have found. There is no PoC currently available and no mention of the vulnerabilities being exploited in the wild. Nevertheless, administrators are advised to implement provided security patches or temporary workarounds as soon as possible. VMware vRealize Operations vulnerabilities could lead to RCE VMware vRealize Operations is a unified, AI-powered platform for IT operations management for private, hybrid, and multi-cloud environments. It is available on premises and as SaaS.