Published on 26 Oct 2023 | Updated on 26 Oct 2023
VMware has released emergency security updates to address a critical vulnerability in VMware vCenter Server. The vulnerability (CVE-2023-34048) has a Common Vulnerability Scoring System (CVSSv3) score of 9.8 out of 10.
Successful exploitation of the vulnerability can trigger an out-of-bounds write, potentially leading to remote code execution (RCE).
The vulnerability affects the following products:Due to the critical severity of this vulnerability and the lack of a workaround, VMware has also issued updates for multiple end-of-life (EOL) products versions.
Users and administrators of affected products are advised to update to the latest version immediately.
More information is available here:
https://www.vmware.com/security/advisories/VMSA-2023-0023.html