This vulnerability allows remote malicious users to execute arbitrary code on affected installations of VMware vCenter Server Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of DCE/RPC protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a write before the start of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vmware vcenter server 7.0 |
||
vmware vcenter server 8.0 |
||
vmware vcenter server |
VMware urges admins to remove deprecated, vulnerable auth plug-in By Sergiu Gatlan February 20, 2024 04:00 PM 0 VMware urged admins today to remove a discontinued authentication plugin exposed to authentication relay and session hijack attacks in Windows domain environments via two security vulnerabilities left unpatched. The vulnerable VMware Enhanced Authentication Plug-in (EAP) enables seamless login to vSphere's management interfaces via integrated Windows Authentication and Windows-bas...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Plus: Uncle Sam says Ivanti exploits 'consistent with PRC' snoops
A VMware security vulnerability has been exploited by Chinese cyberspies since late 2021, according to Mandiant, in what has been a busy week for nation-state espionage news. On Friday VMware confirmed CVE-2023-34048, a critical out-of-bounds write flaw in vCenter Server, was under active exploitation. The bug, which received a 9.8-out-of-10 CVSS severity rating, was disclosed and patched in October. It can be abused to hijack a vulnerable server, if it can be reached over the internet or a netw...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Takes rare step of issuing patches for end-of-life versions, as some staff report end-of-career letters
VMware has disclosed a critical vulnerability in its vCenter Server – and that it issued an update to fix it weeks ago, along with patches for unsupported versions of the software. The soon-to-be-acquired-by-Broadcom virtualization giant on Wednesday delivered news that its implementation of the Distributed Computing Environment/Remote Procedure Calls (DCERPC) protocol contains an out-of-bounds write vulnerability. CVE-2023-34048, as the vuln is now known, scored a 9.8/10 CVSSv3 score, as it e...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Crooks know where the big bucks are
Zero-day exploits targeting enterprise-specific software and appliances are now outpacing zero-day bugs overall, according to Google's threat hunting teams. In a report published today, Google's Threat Analysis Group (TAG) and Mandiant said they tracked 97 total zero-day vulnerabilities found and exploited by miscreants in 2023, which is considerably more than the year prior, with 62 vulnerabilities. Enterprise-specific technology zero-days, however, increased by 64 percent in 2023 compared to 2...