vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.

Exploitation of this vulnerability has been observed in the wild. Patches have been available since October, so its imperative to patch immediately as VMware products have been historically targeted by ransomware groups.

The version of VMware vCenter Server installed on the remote host is 6.5 prior to 6.5U3v, 6.7 prior to 6.7U3t, 7.0 prior to 7.0U3o, or 8.0 prior to 8.0U1d. It is, therefore, affected by an out-of-bounds write vulnerability as referenced in the VMSA-2023-0023 advisory:

  - vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A     malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to     remote code execution. (CVE-2023-34048)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

CVE-2023-34048

critical

Tenable Plugins

critical