Threat Intelligence / CVE / CVE-2023-34048

CVE-2023-34048

CISA KEV

CVSS 9.8 (CRITICAL) · EPSS 93.2% · Published 2023-10-25

vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-787

Threats tracking this CVE

CL-UNK-1068: China-Nexus APT Targeting Critical Infrastructure via DLL Sideloading, Xnote Backdoor, ScanPortPlus Scanner, and FRP Tunneling — HIGH

References

https://www.vmware.com/security/advisories/VMSA-2023-0023.html
https://www.vicarius.io/vsociety/posts/understanding-cve-2023-34048-a-zero-day-out-of-bound-write-in-vcenter-server
https://www.vmware.com/security/advisories/VMSA-2023-0023.html
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-34048

Full detection coverage & IOCs for threats exploiting CVE-2023-34048 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence