CVE-2023-34048

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 25, 2023

Updated: Aug 14, 2024

CWE ID 787

Summary

CVE-2023-34048 is a vulnerability affecting vCenter Server that involves an out-of-bounds write issue in the DCERPC protocol implementation. This flaw allows malicious actors with network access to vCenter Server to potentially execute remote code by triggering an out-of-bounds write. Successful exploitation could result in significant security risks, making it crucial for organizations using vCenter Server to apply the necessary patches promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

VMware vCenter Server

Affected Vendors

VMware Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tIKNhX
https://www.cve.org/CVERecord?id=CVE-2023-34048
https://nvd.nist.gov/vuln/detail/CVE-2023-34048

Back to Vulnerability Database