
4 High-Severity Bugs Fixed in VMware vCenter Server

27/06/2023
By Laura Libeer

⚡ TL;DR | Go Straight to the VMware vCenter Server Vulnerability Audit Report

Last week, VMware released security updates for vCenter Server in response to a number of memory corruption vulnerabilities in the DCERPC protocol implementation. When exploited, the bugs could allow an attacker to execute code or bypass authentication, which could compromise confidential data and seriously disrupt operations. We have added a new report to Lansweeper to help you find any vulnerable installs.

4 High Severity Vulnerabilities

VMware’s security advisory addresses 5 vulnerabilities in the implementation of the DCERPC protocol, 4 of which are in the important severity range with a CVSSv3 base score of 8.1. CVE-2023-20892 (a heap overflow vulnerability) and CVE-2023-20893 (a use-after-free vulnerability) could allow an attacker to execute arbitrary code on the underlying operating system that hosts vCenter Server. CVE-2023-20894 and CVE-2023-20895, respectively an out-of-bounds write and read vulnerability, could allow an attacker to bypass authentication through memory corruption. A fifth vulnerability, CVE-2023-20896, received a moderate severity rating of 5.9 and could lead to denial of service.

Update Vulnerable vCenter Server Installs

VMware has released fixes for vCenter Server and Cloud Foundation. Make sure to update all affected deployments to the latest version to protect your network. You can find more information on all updates in VMware’s security advisory. The list below also gives you an overview of the affected and fixed versions.

Product          | Affected Version | Fixed Version
vCenter Server   | 8.0              | 8.0 U1b
vCenter Server   | 7.0              | 7.0 U3m
Cloud Foundation | 5.x              | 8.0 U1b
Cloud Foundation | 4.x              | 7.0 U3m
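To act on the table above, here is an added example (not Lansweeper's report and not VMware's code) that flags inventory entries sitting below the fixed vCenter Server release for their version line. It assumes the inventory already carries versions in VMware's "<major>.<minor> U<n><letter>" form (a GA release with no update or letter sorts lowest, and patch letters within an update order alphabetically); the hostnames and versions in the sample inventory are constructed.

```python
import re

# Fixed vCenter Server releases from the advisory summary above, per version line.
FIXED_VERSIONS = {
    "8.0": "8.0 U1b",
    "7.0": "7.0 U3m",
}

# Matches "8.0", "7.0 U3" and "7.0 U3m" style strings (assumed inventory format).
VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\s*U(\d+)([a-z])?)?$")


def parse_version(s):
    """Turn '7.0 U3m' into a sortable tuple (7, 0, 3, 13); GA releases sort lowest."""
    m = VERSION_RE.match(s.strip())
    if not m:
        raise ValueError(f"unrecognised vCenter version string: {s!r}")
    major, minor, update, letter = m.groups()
    update_n = int(update) if update else 0
    letter_n = (ord(letter) - ord("a") + 1) if letter else 0
    return (int(major), int(minor), update_n, letter_n)


def is_vulnerable(version):
    """True if below the fixed release for its line, False if at/above, None if not covered."""
    v = parse_version(version)
    fixed = FIXED_VERSIONS.get(f"{v[0]}.{v[1]}")
    if fixed is None:
        return None  # version line not in this advisory; consult VMware's advisory directly
    return v < parse_version(fixed)


def audit(inventory):
    """Return (host, version, status) for every inventory entry."""
    results = []
    for host, version in inventory:
        vuln = is_vulnerable(version)
        status = "unknown" if vuln is None else ("VULNERABLE" if vuln else "patched")
        results.append((host, version, status))
    return results


# Constructed sample inventory; hostnames and versions are made up for this example.
SAMPLE_INVENTORY = [
    ("vcsa-prod-01.example.internal", "8.0 U1a"),
    ("vcsa-prod-02.example.internal", "8.0 U1b"),
    ("vcsa-lab.example.internal", "7.0 U3k"),
    ("vcsa-dr.example.internal", "7.0 U3m"),
    ("vcsa-legacy.example.internal", "6.7 U3"),
]

if __name__ == "__main__":
    for host, version, status in audit(SAMPLE_INVENTORY):
        print(f"{host:32} {version:9} {status}")
```

Entries reported as "unknown" are on a version line the advisory does not list, so they need a separate check rather than being treated as safe.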

Discover Vulnerable VMware vCenter Server Installs

Our technical team has put together a new report to help you locate vulnerable deployments in your network. This way you have an actionable list of installs where you still need to take action. You can get to the report via the link below.