⚡ TL;DR | Go Straight to the VMware vCenter Server Vulnerability Audit Report
Last week, VMware released security updates for vCenter Server in response to a number of memory corruption vulnerabilities in the DCERPC protocol implementation. When exploited, the bugs could allow an attacker to execute code or bypass authentication, which could compromise confidential data and seriously disrupt operations. We have added a new report to Lansweeper to help you find any vulnerable installs.
4 High Severity Vulnerabilities
VMware’s security advisory addresses 5 vulnerabilities in the implementation of the DCERPC protocol, 4 of which are in the important severity range with a CVSSv3 base score of 8.1. CVE-2023-20892 (a heap overflow vulnerability) and CVE-2023-20893 (a use-after-free vulnerability) could allow an attacker to execute arbitrary code on the underlying operating system that hosts vCenter Server. CVE-2023-20894 and CVE-2023-20895, respectively an out-of-bounds write and read vulnerability, could allow an attacker to bypass authentication through memory corruption. A fifth vulnerability, CVE-2023-20896, received a moderate severity rating of 5.9 and could lead to denial of service.
Update Vulnerable vCenter Server Installs
VMware has released fixes for vCenter Server and Cloud Foundation. Make sure to update all affected deployments to the latest version to protect your network. You can find more information on all updates in VMware’s security advisory. The table below also gives you an overview of the affected and fixed versions.
| Product | Affected Version | Fixed Version |
| --- | --- | --- |
| vCenter Server | 8.0 | 8.0 U1b |
| vCenter Server | 7.0 | 7.0 U3m |
| Cloud Foundation | 5.x | 8.0 U1b |
| Cloud Foundation | 4.x | 7.0 U3m |
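As an added example (not Lansweeper's report or VMware's code), the script below turns the fixed-version table into a check over a constructed inventory of vCenter version labels. It assumes the labels follow VMware's "major.minor [Ux][letter]" naming (e.g. "7.0 U3m", "8.0c") and compares those labels only; where build numbers are available, comparing them is more reliable.

```python
import re

# Fixed versions taken from the advisory table above (vCenter Server lines;
# the Cloud Foundation rows map onto the same vCenter releases).
FIXED_VERSIONS = {
    (8, 0): "8.0 U1b",
    (7, 0): "7.0 U3m",
}

# Assumed label grammar: "<major>.<minor>[ U<update>][<patch letter>]"
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\s*(?:U(\d+))?\s*([a-z])?$")


def parse_version(label: str) -> tuple:
    """Turn a vCenter version label into a sortable (major, minor, update, letter) key.

    A GA release has update 0 and letter 0, so the ordering is
    '8.0' < '8.0c' < '8.0 U1' < '8.0 U1a' < '8.0 U1b'.
    """
    m = _VERSION_RE.match(label.strip())
    if not m:
        raise ValueError(f"unrecognised vCenter version label: {label!r}")
    major, minor, update, letter = m.groups()
    letter_index = ord(letter) - ord("a") + 1 if letter else 0
    return (int(major), int(minor), int(update or 0), letter_index)


def is_vulnerable(label: str):
    """True if the label is below the fixed version for its release line,
    False if it is at or above it, None if the line is not in the table."""
    key = parse_version(label)
    fixed = FIXED_VERSIONS.get(key[:2])
    if fixed is None:
        return None
    return key < parse_version(fixed)


def triage(inventory):
    """Map each (hostname, version label) pair to 'patch', 'ok' or 'not in table'."""
    verdicts = {True: "patch", False: "ok", None: "not in table"}
    return {host: verdicts[is_vulnerable(ver)] for host, ver in inventory}


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    ("vc-prod-01", "7.0 U3l"),
    ("vc-prod-02", "7.0 U3m"),
    ("vc-lab", "8.0c"),
    ("vc-dr", "8.0 U1b"),
    ("vc-old", "6.7 U3"),
]

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {verdict}")
```

Labels the regex does not recognise raise a ValueError rather than being silently marked "ok", so unexpected inventory data surfaces instead of hiding an unpatched host.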
Discover Vulnerable VMware vCenter Server Installs
Our technical team has put together a new report to help you locate vulnerable deployments in your network. This gives you an actionable list of the installs that still need to be updated. You can get to the report via the link below.