all InfoSec news
Exploitation of Recently Patched VMware Bug Started in 2021
Malware Analysis, News and Indicators - Latest topics malware.news
A Chinese threat group exploited a critical-severity remote code execution flaw in VMware’s centralized management utility, vCenter Server, for almost two years before patches were released.
VMware released fixes for the flaw (CVE-2023-34048) in October 2023, but at the time the company said it had not seen evidence of exploitation. On Wednesday, VMware updated its security advisory to confirm that exploitation had occurred in the wild, and then on Friday, researchers with Mandiant said that they found evidence of this …
bug centralized management chinese code code execution critical cve cve-2023-34048 exploitation exploited fixes flaw management october patches remote code remote code execution server severity the company threat threat group utility vcenter vcenter server vmware