all InfoSec news
VMware Fixes Critical-Severity vCenter Server Bug
Malware Analysis, News and Indicators - Latest topics malware.news
VMware has released patches for a critical-severity vulnerability in its centralized management utility, vCenter Server, which could enable remote code execution attacks.
vCenter Server helps users manage virtual machines, ESXi hosts, and other components from a centralized location. The flaw (CVE-2023-34048) is an out-of-bounds write issue that specifically stems from the implementation of DCE/RPC, the protocol for remote procedure calls.
“A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution,” …
attacks bug centralized management code code execution components critical cve cve-2023-34048 enable esxi fixes flaw implementation issue location machines manage management out-of-bounds out-of-bounds write patches remote code remote code execution rpc server severity utility vcenter vcenter server virtual virtual machines vmware vulnerability