VMware fixes critical code execution flaw in vCenter Server

VMware fixes critical code execution flaw in vCenter Server

October 25, 2023 at 05:06AM

VMware has released security updates to address a critical vulnerability in vCenter Server that can be exploited for remote code execution attacks. The vulnerability (CVE-2023-34048) allows unauthenticated attackers to remotely exploit it without user interaction. VMware has made patches available for affected products, including end-of-life versions. Administrators are advised to control network access and apply the necessary patches. VMware has also patched another vulnerability (CVE-2023-34056) that could be exploited for partial information disclosure.

Key Takeaways from Meeting Notes:

– VMware has issued security updates to address a critical vulnerability in vCenter Server that could lead to remote code execution attacks.
– The vulnerability (CVE-2023-34048) was reported by Grigory Dorodnov of Trend Micro’s Zero Day Initiative and is related to an out-of-bounds write weakness in vCenter’s DCE/RPC protocol implementation.
– Unauthenticated attackers can exploit this vulnerability remotely, without user interaction.
– VMware has provided security patches through standard update mechanisms for vCenter Server, including for end-of-life products.
– There is no workaround available for this vulnerability, so strict network perimeter access controls are recommended.
– Specific network ports (2012/tcp, 2014/tcp, and 2020/tcp) are linked to potential exploitation of this vulnerability.
– In addition, VMware has patched a partial information disclosure vulnerability (CVE-2023-34056) that could allow threat actors with non-administrative privileges to access sensitive data on vCenter servers.
– Organizations are advised to consider these updates as emergency changes and consult with their information security staff for the appropriate action.
– VMware has previously addressed other high-severity security flaws in vCenter Server, as well as patched a zero-day in ESXi and a critical flaw in the Aria Operations for Networks analytics tool.

Full Article

By proceeding you understand and give your consent that your IP address and browser information might be processed by the security plugins installed on this site.
×