VMware has released patches for a critical-severity vulnerability in its centralized management utility, vCenter Server, which could enable remote code execution attacks.
vCenter Server helps users manage virtual machines, ESXi hosts, and other components from a centralized location. The flaw (CVE-2023-34048) is an out-of-bounds write issue that specifically stems from the implementation of DCE/RPC, the protocol for remote procedure calls.
“A malicious actor with network…