CVE-2023-34048
Published: 25 October 2023
Summary
CVE-2023-34048 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in VMware vCenter Server. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 0.2% of CVEs by exploit likelihood, CISA has added it to the Known Exploited Vulnerabilities catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SC-7 (Boundary Protection) and SI-2 (Flaw Remediation).
Deeper analysis
vCenter Server contains an out-of-bounds write vulnerability in its DCERPC protocol implementation. The flaw is tracked as CVE-2023-34048 and carries a CVSS v3.1 score of 9.8, reflecting a network-accessible attack that requires no authentication or user interaction.
A malicious actor with network access to vCenter Server can trigger the out-of-bounds write to achieve remote code execution on the affected system. The vulnerability is also catalogued under CWE-787.
VMware has published advisory VMSA-2023-0023 detailing the issue, and CISA lists CVE-2023-34048 in its Known Exploited Vulnerabilities catalog. The associated EPSS score has remained at a peak of 0.9321 since disclosure, indicating sustained exploitation interest.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-38166
Vulnerability details
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.
- CWE(s): CWE-787 (Out-of-bounds Write)
- KEV Date Added: 22 January 2024
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Directly requires timely installation of vendor patches that eliminate the DCERPC out-of-bounds write before exploitation can occur.
Enforces boundary protection and traffic filtering to block unauthorized network access to vCenter, eliminating the attack vector required by the CVE.
Enforces access-control decisions on network connections and services, limiting which hosts or accounts can reach the vulnerable DCERPC implementation.