Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Vulnerability in VMware vCenter Server
Alerts

Critical Vulnerability in VMware vCenter Server

26 October 2023

VMware has released emergency security updates to address a critical vulnerability in VMware vCenter Server. The vulnerability (CVE-2023-34048) has a Common Vulnerability Scoring System (CVSSv3) score of 9.8 out of 10. 

Successful exploitation of the vulnerability can trigger an out-of-bounds write, potentially leading to remote code execution (RCE).

The vulnerability affects the following products:

  • VMware vCenter Server

  • VMware Cloud Foundation

Due to the critical severity of this vulnerability and the lack of a workaround, VMware has also issued updates for multiple end-of-life (EOL) products versions.

Users and administrators of affected products are advised to update to the latest version immediately. 

More information is available here:
https://www.vmware.com/security/advisories/VMSA-2023-0023.html

Back to top