Security News > 2023 > June > VMware fixes vCenter Server bugs allowing code execution, auth bypass
VMware has addressed multiple high-severity security flaws in vCenter Server, which can let attackers gain code execution and bypass authentication on unpatched systems.
vCenter Server is the control center for VMware's vSphere suite and a server management solution that helps admins manage and monitor virtualized infrastructure.
"The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol," VMware said.
"A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server."
Threat actors targeting CVE-2023-20895 may trigger an out-of-bounds read and memory corruption, allowing them to bypass authentication on unpatched vCenter Server appliances.
A fifth vCenter Server out-of-bounds read vulnerability tracked as CVE-2023-20896 can be exploited remotely in denial-of-service attacks targeting multiple VMware services on the target host.
News URL
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-22 | CVE-2023-20896 | Out-of-bounds Read vulnerability in VMWare Vcenter Server The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted packet leading to denial-of-service of certain services (vmcad, vmdird, and vmafdd). | 7.5 |
2023-06-22 | CVE-2023-20895 | Out-of-bounds Write vulnerability in VMWare Vcenter Server The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication. | 9.8 |