Skip to main content

VMware Releases Security Updates for VMWare vCenter Server and Cloud Foundation

Security updates address a critical out-of-bounds write and information disclosure vulnerability in vCenter Server and Cloud Foundation

Threat ID:
CC-4397
Threat Severity:
Medium
Published:
25 October 2023 2:01 PM
Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Security updates address a critical out-of-bounds write and information disclosure vulnerability in vCenter Server and Cloud Foundation

Affected platforms

The following platforms are known to be affected:

Versions: 8.0 and 7.0

VMware vCenter Server

Versions: 5.x and 4.x

VMware Cloud Foundation

Threat details

Introduction

VMware have released security updates to address two security vulnerabilities within vCenter Server and Cloud Foundation.

The first of these vulnerabilities is a critical out-of-bounds vulnerability within the DCERPC protocol known as CVE-2023-34048. This vulnerability has a CVSSv3 score of 9.8, and could be used by an attacker to achieve remote code execution (RCE)

The second vulnerability is a partial information disclosure vulnerability known as CVE-2023-34056. This vulnerability has a CVSSv3 score of 4.3, and may allow an attacker with non-administrative privileges to access unauthorised data.

Exploitation of CVE-2023-34048

Reports of long-term exploitation of vulnerability CVE-2023-34048 dating back to late 2021.

Threat updates

Date Update
19 Jan 2024 Exploitation of vulnerability CVE-2023-34048 observed in the wild

The Cyber Alert has been updated to reflect this change

Remediation advice

Affected organisations are encouraged to review the following VMware Security Advisory and apply the necessary updates.

Last edited: 19 January 2024 1:48 pm