WARNING: Multiple high-risk vulnerabilities in VMWare vCenter Server
- CVE-2023-20892
- CVE-2023-20893
- CVE-2023-20894
- CVE-2023-20895
Sources
https://www.vmware.com/security/advisories/VMSA-2023-0014.html
Risks
Multiple memory corruption vulnerabilities in VMware vCenter Server due to the implementation of the DCERPC protocol were reported to VMware.
All four vulnerabilities have a HIGH impact on Confidentiality, Integrity, and Availability. Privileges, authentication, and user interaction are not required to exploit these vulnerabilities.
Description
CVE-2023-20892: VMware vCenter Server heap-overflow vulnerability
The vCenter Server is vulnerable to a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor can exploit this vulnerability to execute arbitrary code on the underlying operating system that hosts vCenter Server.
CVE-2023-20893: VMware vCenter Server use-after-free vulnerability
The VMware vCenter Server has a use-after-free vulnerability due to the implementation of the DCERPC protocol. A malicious actor can exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server.
CVE-2023-20894: VMware vCenter Server out-of-bounds write vulnerability
The VMware vCenter Server has an out-of-bounds write vulnerability due to the implementation of the DCERPC protocol. A malicious actor can trigger an out-of-bound write by sending a specially crafted packet that leads to memory corruption.
CVE-2023-20895: VMware vCenter Server out-of-bounds read vulnerability
The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor can trigger a memory corruption vulnerability which may bypass authentication.
Recommended Actions
The Centre for Cyber Security Belgium strongly recommends system administrators to visit VMWARE’s release pages to download and install the patched versions of this software.
VMware vCenter Server 8.0 U1b:
https://docs.vmware.com/en/VMware-vSphere/8.0/rn/vsphere-vcenter-server-80u1b-release-notes/index.html
VMware vCenter Server 7.0 U3m:
https://docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-vcenter-server-70u3m-release-notes/index.html
References
https://nvd.nist.gov/vuln/detail/CVE-2023-20892
https://nvd.nist.gov/vuln/detail/CVE-2023-20893
https://nvd.nist.gov/vuln/detail/CVE-2023-20894
https://nvd.nist.gov/vuln/detail/CVE-2023-20895