Risk | Critical |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2023-34048 CVE-2023-34056 |
CWE-ID | CWE-787 CWE-284 |
Exploitation vector | Network |
Public exploit | Vulnerability #1 is being exploited in the wild. |
Vulnerable software |
vCenter Server Server applications / Virtualization software |
Vendor | VMware, Inc |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU82353
Risk: Critical
CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]
CVE-ID: CVE-2023-34048
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the DCERPC protocol implementation. A remote non-authenticated attacker can send a specially crafted RPC request to the vCenter Server, trigger an out-of-bounds write and execute arbitrary code on the target system.
Note, the vulnerability is being actively exploited in the wild since late 2021.
Install updates from vendor's website.
Vulnerable software versionsvCenter Server: 7.0 U1c - 8.0.0
CPE2.3http://www.vmware.com/security/advisories/VMSA-2023-0023.html
http://www.zerodayinitiative.com/advisories/ZDI-23-1590/
http://blog.sonicwall.com/en-us/2023/12/vmware-vcenter-dcerpc-dealloc-pointer-manipulation/
http://www.mandiant.com/resources/blog/chinese-vmware-exploitation-since-2021
http://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23677
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
EUVDB-ID: #VU82354
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-34056
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain unauthorized access to sensitive information.
The vulnerability exists due to improper access restrictions. A remote user can bypass implemented security restrictions and gain unauthorized access to sensitive information.
Install updates from vendor's website.
Vulnerable software versionsvCenter Server: 7.0 U1d - 8.0.0
CPE2.3http://www.vmware.com/security/advisories/VMSA-2023-0023.html
http://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23677
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.