On October 25, 2023, VMware released a security advisory for a critical vulnerability in vCenter Server (CVE-2023-34048). This vulnerability allows an attacker with network access to vCenter Server to execute arbitrary code remotely.
The vulnerability is caused by an out-of-bounds write in the implementation of the DCERPC protocol. An attacker can exploit this vulnerability by sending a specially crafted RPC packet to vCenter Server. If the packet is successfully exploited, the attacker can gain root access to the vCenter Server.
The impact of CVE-2023-34048 is severe. An attacker who exploits this vulnerability could gain complete control of a vCenter Server. This could allow the attacker to deploy malware, steal data, or disrupt operations.
The following VMware products are affected by CVE-2023-34048:
VMware has released a patch for CVE-2023-34048 in the following versions of vCenter Server:
If you are using an affected version of vCenter Server, you should patch to the latest version immediately. There are no known workarounds for this vulnerability. The fact that VMware have felt the need to patch all the way back to 6.5 suggests that it is bad.
CVE-2023-34048 is a critical vulnerability in VMware vCenter Server that can be exploited by attackers to execute arbitrary code remotely. If you are using an affected version of vCenter Server, you should patch to the latest version immediately or implement the workarounds described above.
Be Secure Cyber is a leading cyber security consultancy that can help you protect your business from CVE-2023-34048 and other cyber threats. We offer a range of services, including:
Contact us today to learn more about how we can help you protect your business from CVE-2023-34048 and other cyber threats.
(We take no responsibility for the content of external links)
© Be Secure Cyber Ltd 2023