During the month of October 2023 VMware has issued critical security updates to address a severe vulnerability in its vCenter Server, which had the potential to enable remote code execution attacks on susceptible servers.
The vulnerability, identified as CVE-2023-34048 with a CVSS score of 9.8, resides from an out-of-bounds write weakness in the implementation of the Distributed Computing Environment / Remote Procedure Call (DCE/RPC) protocol by vCenter.
This flaw poses a significant security risk, as it allows unauthenticated attackers to remotely exploit it in low-complexity attacks that do not necessitate user interaction. This makes it alarmingly accessible to potential cyber criminals and increases the urgency for effective countermeasures.
VMware has swiftly released security patches through the standard vCenter Server update mechanisms. VMware has also issued patches for several end-of-life products that are no longer under active support.
In a notable deviation from its standard policy, VMware has made patches generally available for older versions of its software, including vCenter Server 6.7U3, 6.5U3, and VCF 3.x, citing the critical severity of the vulnerability and the absence of any viable workaround. Additionally, VMware has released patches for vCenter Server 8.0U1 and has provided asynchronous patches for VCF 5.x and 4.x deployments.
As of January 17, 2024, VMware has reported evidence that the CVE-2023-34048 RCE bug is currently being exploited in attacks. This ongoing threat accentuates the importance of immediate action by organizations using VMware’s vCenter Server to ensure they are safeguarded against potential intrusions.
For businesses and organizations relying on VMware’s virtualized infrastructure, updating to the latest security patches is not just a recommendation – it is an imperative step in fortifying their defenses against a landscape of ever-evolving cyber threats.
Thanks for sharing this information ℹ️
💯