VMware fixes critical code execution flaw in vCenter Server

VMware fixes critical code execution flaw in vCenter Server


VMware issued security updates to fix a critical vCenter Server vulnerability that can be exploited to gain remote code execution attacks on vulnerable servers.

vCenter Server is the central management hub for VMware’s vSphere suite, and it helps administrators manage and monitor virtualized infrastructure.

The vulnerability (CVE-2023-34048) was reported by Grigory Dorodnov of Trend Micro’s Zero Day Initiative and is due to an out-of-bounds write weakness in vCenter’s DCE/RPC protocol…



Source link