VMware has fixed a critical out-of-bounds write vulnerability (CVE-2023-34048) and a moderate-severity information disclosure flaw (CVE-2023-34056) in vCenter Server, its popular server management software. About CVE-2023-34048 and CVE-2023-34056 CVE-2023-34048 allows an attacker with network access to a vulnerable vCenter Server virtual appliance to trigger an out-of-bounds write that can lead to remote code execution. It has been reported by Grigory Dorodnov of Trend Micro Zero Day Initiative and there are no indications of it being … More
The post VMware patches critical vulnerability in vCenter Server (CVE-2023-34048) appeared first on Help Net Security.