Network Alerts

VMware vCenter Vulnerability

Posted by Eric Bronson - October 26, 2023 - Vulnerability, VMware, vCenter

About the Alert

A critical vulnerability was recently disclosed that affects VMware's vCenter Server and Cloud Foundation. The consequences of this vulnerability may result in a malicious actor performing remote code execution. Specifics of the vulnerability can be found here.

CVE-2023-34048: VMware vCenter Server Out-of-Bounds Write Vulnerability
CVE-2023-34056: VMware vCenter Server Partial Information Disclosure Vulnerability

Affected Products:
VMware vCenter Server
VMware Cloud Foundation

Key Takeaways:

  • Critical severity
  • Malicious actor(s) could perform remote code execution
  • Not known to be exploited in the wild

Mitigating the Vulnerability

It is recommended to update vCenter and Cloud Foundation as soon as possible. If you would like assistance with assessing exposure or best go forward plan, please reach out to your SymQuest Account Executive.

Never miss a critical vulnerability alert

Stay in the know and receive a notification right to your inbox when a security message is posted.

Subscribe

Subscribe to receive Network Alerts

×