News

  • There are no suggestions because the search field is empty.
Category: vmware, patch, update, virtualization, security, threat, server, vcenter
Posted: 28 June 2023

VMware Fixes Code Execution Vulnerabilities in vCenter Server

VMware has released software updates to address several memory corruption vulnerabilities discovered in vCenter Server. These vulnerabilities, if left unaddressed, could potentially lead to remote code execution. Below are the key vulnerabilities patched by VMware.

  1. Patched Vulnerabilities: VMware has addressed a total of five security defects in vCenter Server related to the DCERPC protocol. Among these vulnerabilities, four are classified as 'important' with a CVSS score of 8.1. Notably, two of these issues (CVE-2023-20892 and CVE-2023-20893) involve heap buffer overflow and use-after-free flaws, respectively, which could allow malicious actors to execute arbitrary code on the underlying operating system hosting vCenter Server.

  2. Out-of-Bounds Write and Authentication Bypass: Another patched vulnerability, CVE-2023-20894, is an out-of-bounds write bug that can be triggered through specially crafted packets, potentially causing memory corruption. The fourth vulnerability, CVE-2023-20895, is a memory corruption flaw that allows for network-based exploitation to bypass authentication.

  3. Denial-of-Service (DoS) Vulnerability: In addition to the code execution vulnerabilities, VMware's updates also address an important-severity out-of-bounds read vulnerability. Exploiting this flaw remotely could lead to a DoS condition on services such as vmcad, vmdird, and vmafdd.

Update Recommendations

VMware urges all customers to update their affected products to the patched versions. It is important to note that there are no workarounds available for these vulnerabilities at the moment. While VMware is not currently aware of any instances of these flaws being exploited in the wild, it is crucial for users to promptly update their vCenter Server deployments to the patched versions to proactively mitigate any potential risks.

By promptly applying these patches, customers can mitigate the risks associated with remote code execution and potential memory corruption. Organisations using vCenter Server should prioritise the installation of the patched versions to maintain a secure and resilient virtual infrastructure environment.

Due to the severity range given to this issue, andersenIT suggests that this patch may require approx. a 2-hour outage window per vCenter Server. If you need help we have the expertise so don't delay. By filling out the form below, we are offering a 30% discount off our standard hourly rates for the first 5 responders. It should be emphasised that the recommended patches are intended for patching within the current supported versions of vCenter Server. These patches do not encompass upgrades to the next version, such as transitioning from v6.7 to v7.0.
 

 

 Back to Top

Keep up with the latest information from andersenIT - Subscribe to our eNews