CVE202334048

Chinese Espionage Group UNC3886 Found Exploiting CVE-2023-34048 Since Late 2021 | Mandiant

by
Chinese Espionage Group UNC3886 Found Exploiting CVE-2023-34048 Since Late 2021 | Mandiant

While publicly reported and patched in October 2023, Mandiant and VMware Product Security have found UNC3886, a highly advanced China-nexus espionage group, has been exploiting CVE-2023-34048 as far back as late 2021. These findings stem from Mandiant’s continued research of the novel attack paths used by UNC3886, which historically focuses on technologies that are unable to have … Read more

VMware patches critical vulnerability in vCenter Server (CVE-2023-34048) – Help Net Security

by
VMware patches critical vulnerability in vCenter Server (CVE-2023-34048) – Help Net Security

VMware has fixed a critical out-of-bounds write vulnerability (CVE-2023-34048) and a moderate-severity information disclosure flaw (CVE-2023-34056) in vCenter Server, its popular server management software. About CVE-2023-34048 and CVE-2023-34056 CVE-2023-34048 allows an attacker with network access to a vulnerable vCenter Server virtual appliance to trigger an out-of-bounds write that can lead to remote code execution. It … Read more