CVE-2023-34048

Vulnerability updated 7 days ago (2024-11-29T14:25:25.005Z)
Download STIX
Preview STIX
CVE-2023-34048 is a critical out-of-bounds write vulnerability discovered in VMware's vCenter Server, a widely used server management software. This flaw in software design or implementation poses a high risk of exploitation and has a Common Vulnerability Scoring System (CVSSv3) score of 9.8 out of 10, indicating its severity. Alongside this, VMware also addressed a moderate-severity information disclosure flaw (CVE-2023-34056) affecting both the vCenter Server and VMware Cloud Foundation. The vulnerability CVE-2023-34048 was actively exploited by a Chinese hacking group as a zero-day since late 2021. By October, the issue escalated to the point where it was being used for remote code execution attacks, prompting VMware to take action. The company confirmed that the flaw was under active exploitation, which necessitated immediate remediation. In response to these threats, VMware released patches for both vulnerabilities in October. The company fixed the critical vCenter Server flaw (CVE-2023-34048), effectively preventing potential remote code execution attacks. Security advisories were issued, providing users with necessary guidance on addressing these vulnerabilities. As of now, the critical flaws have been mitigated, but users are strongly advised to apply the patches to protect their systems from potential exploits.
Description last updated: 2024-03-17T13:16:08.240Z
What's your take? (Question 1 of 4)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Vcenter
Vmware
Zero Day
Mandiant
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Threat Actors
To see the evidence that has resulted in these threatActor associations, create a free account
Alias DescriptionAssociation TypeVotes
The Unc3886 Threat Actor is associated with CVE-2023-34048. UNC3886 is a threat actor, believed to be linked to China, that has been active in cyberespionage activities. The group has been exploiting a zero-day vulnerability in VMware's vCenter Server, identified as CVE-2023-34048, since at least late 2021. This advanced persistent threat (APT) group's actioUnspecified
3
Source Document References
Information about the CVE-2023-34048 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
Securityaffairs
4 months ago
Securityaffairs
4 months ago
Securityaffairs
10 months ago
Securityaffairs
5 months ago
Securityaffairs
5 months ago
Securityaffairs
5 months ago
Securityaffairs
5 months ago
Securityaffairs
5 months ago
Securityaffairs
5 months ago
BankInfoSecurity
6 months ago
Securityaffairs
6 months ago
Securityaffairs
6 months ago
Securityaffairs
7 months ago
Securityaffairs
7 months ago
Securityaffairs
8 months ago
Securityaffairs
8 months ago
Securityaffairs
8 months ago
Securityaffairs
8 months ago
Securityaffairs
9 months ago
Securityaffairs
9 months ago