VMware has fixed a critical out-of-bounds write vulnerability (CVE-2023-34048) and a moderate-severity information disclosure flaw (CVE-2023-34056) in vCenter Server, its popular server management software.
About CVE-2023-34048 and CVE-2023-34056
CVE-2023-34048 allows an attacker with network access to a vulnerable vCenter Server virtual appliance to trigger an out-of-bounds write that can lead to remote code execution.
It has been reported by Grigory Dorodnov of Trend Micro Zero…