Request a Demo
Rewterz
Rewterz Threat Intel – CVE-2023-35719 – Zoho ManageEngine ADSelfService Plus Vulnerability
June 23, 2023
Rewterz
Rewterz Threat Alert – Agent Tesla Malware – Active IOCs
June 23, 2023

Rewterz Threat Intel – Multiple VMware vCenter Server and Cloud Foundation Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-20896 CVSS:5.9

VMware vCenter Server and VMware Cloud Foundation are vulnerable to a denial of service, caused by an out-of-bounds read in the implementation of the DCERPC protocol. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to cause a denial of service in the vmcad, vmdird, and vmafdd services.

CVE-2023-20895 CVSS:8.1

VMware vCenter Server and VMware Cloud Foundation could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in the implementation of the DCERPC protocol. An attacker could exploit this vulnerability to execute arbitrary code on the system and bypass authentication.

CVE-2023-20894 CVSS:8.1

VMware vCenter Server and VMware Cloud Foundation could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in the implementation of the DCERPC protocol. By sending a specially crafted packet, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-20893 CVSS:8.1

VMware vCenter Server and VMware Cloud Foundation could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the implementation of the DCERPC protocol. An attacker could exploit this vulnerability to execute arbitrary code on the underlying operating system.

CVE-2023-20892 CVSS:8.1

VMware vCenter Server and VMware Cloud Foundation are vulnerable to a heap-based buffer overflow, caused by use of uninitialized memory in the implementation of the DCERPC protocol. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the underlying operating system.

Impact

  • Denial of Service
  • Code Execution
  • Buffer Overflow

Indicators Of Compromise

CVE

  • CVE-2023-20896
  • CVE-2023-20895
  • CVE-2023-20894
  • CVE-2023-20893
  • CVE-2023-20892

Affected Vendors

VMware

Affected Products

  • VMware vCenter Server 7.0
  • VMware vCenter Server 8.0
  • VMware Cloud Foundation (vCenter Server) 4.0

Remediation

Refer to VMware Security Advisory for patch, upgrade or suggested workaround information. 

VMware Security Advisory