"VMware Patches Code Execution Vulnerabilities in vCenter Server"

Virtualization giant VMware has recently published software updates to address multiple memory corruption vulnerabilities in vCenter Server that could lead to remote code execution.  Five security defects were patched in the software's implementation of the DCERPC protocol, including four that VMware flags as "important," with a CVSS score of 8.1.  VMware noted that two of these issues tracked as CVE-2023-20892 (heap buffer overflow due to uninitialized memory) and CVE-2023-20893 (use-after-free) could lead to code execution.  VMware stated that a malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server.  Another vulnerability patched is CVE-2023-20894, a remotely exploitable out-of-bounds write bug that can be triggered via specially crafted packets to cause memory corruption.  The fourth vulnerability, CVE-2023-20895, is a memory corruption flaw that can be exploited over the network to bypass authentication.  The software updates also addressed an important severity out-of-bounds read vulnerability that a malicious actor can exploit remotely to cause a denial-of-service (DoS) condition on services such as vmcad, vmdird, and vmafdd.  Patches for all flaws were included in vCenter Server and Cloud Foundation versions 8.0 U1b and 7.0 U3m.  VMware also released Async patches for VCF customers.

SecurityWeek reports: "VMware Patches Code Execution Vulnerabilities in vCenter Server"