all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

VMware Fixes Critical-Severity vCenter Server Bug

Add to bookmarks
Oct. 25, 2023, 7 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

VMware has released patches for a critical-severity vulnerability in its centralized management utility, vCenter Server, which could enable remote code execution attacks.


vCenter Server helps users manage virtual machines, ESXi hosts, and other components from a centralized location. The flaw (CVE-2023-34048) is an out-of-bounds write issue that specifically stems from the implementation of DCE/RPC, the protocol for remote procedure calls.


“A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution,” …

attacks bug centralized management code code execution components critical cve cve-2023-34048 enable esxi fixes flaw implementation issue location machines manage management out-of-bounds out-of-bounds write patches remote code remote code execution rpc server severity utility vcenter vcenter server virtual virtual machines vmware vulnerability

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Cyberattack against United Russia claimed by Ukraine an hour ago | malware.news
attack cyberattack distributed initiative +14
US jails former NSA employee for attempting secret sale to Russia an hour ago | malware.news
agency article confidential defense +25
Better identity threat detection sought by new Semperis ML-based tool an hour ago | malware.news
and response article detection detection and response +27
Red Hat's latest enterprise Linux delivers new features to tackle hybrid-cloud complexity 2 hours ago | malware.news
addition article cloud complexity +13
NASA doesn't know if its spacecraft have adequate cyber defenses, GAO warns 2 hours ago | malware.news
agency article best practices cyber +11
US warns of Russian hackers targeting operational technology in water systems 3 hours ago | malware.news
advisory breached hackers official +10
Senators grill UnitedHealth CEO on Change Healthcare cyberattack 3 hours ago | malware.news
article ceo change change healthcare +13
‘Uncharted Territory:’ Companies Devise AI Security Policies 4 hours ago | malware.news
ai security businesses companies don +14
Significant drop recorded in FBI searches of Section 702 database 4 hours ago | malware.news
act agency database fbi +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs