Vmware vCenter Flaws Leading to RCE Attacks

Threat Advisories

Vmware vCenter Flaws Leading to RCE Attacks

October 27, 2023
Threat Level
Amber
Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

Two vulnerabilities, CVE-2023-34048 and CVE-2023-34056, were identified in VMware vCenter Server, a server management software used for centralized management of virtual machines and ESXi hosts. CVE-2023-34048 is associated with an Out-of-Bounds Write issue, while CVE-2023-34056 is linked to Partial Information Disclosure. These vulnerabilities could allow an attacker to execute remote code and gain unauthorized access to sensitive information.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

Recent Posts

Join Our Newsletter 14,000+ subscribers and growing! Get top cybersecurity news delivered directly to your inbox.
Sign Up to Receive Our Weekly Threat Digest