CVE-2023-34048

Vulnerability updated 4 months ago (2024-05-04T19:08:22.832Z)
CVE-2023-34048 is a critical out-of-bounds write vulnerability in VMware's vCenter Server, a widely used server management software. It carries a Common Vulnerability Scoring System (CVSSv3) score of 9.8 out of 10 and poses a high risk of exploitation. Alongside it, VMware also addressed a moderate-severity information disclosure flaw (CVE-2023-34056) affecting both vCenter Server and VMware Cloud Foundation.

CVE-2023-34048 was actively exploited as a zero-day by a Chinese hacking group since late 2021. By October, the issue had escalated to the point where it was being used for remote code execution attacks, prompting VMware to take action. The company confirmed that the flaw was under active exploitation, which necessitated immediate remediation.

In response, VMware released patches for both vulnerabilities in October, fixing the critical vCenter Server flaw (CVE-2023-34048) and preventing potential remote code execution attacks. Security advisories were issued to guide users in addressing these vulnerabilities. The critical flaws have now been mitigated, but users are strongly advised to apply the patches to protect their systems from potential exploits.
Description last updated: 2024-03-17T13:16:08.240Z
Aliases: We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Vcenter
Vmware
Zero Day
Mandiant
Associated Threat Actors
ID | Type | Votes | Profile Description
Unc3886 | Unspecified | 3 | UNC3886 is a threat actor, believed to be linked to China, that has been active in cyberespionage activities. The group has been exploiting a zero-day vulnerability in VMware's vCenter Server, identified as CVE-2023-34048, since at least late 2021. This advanced persistent threat (APT) group's actio
Source Document References
Information about the CVE-2023-34048 Vulnerability was read from the documents corpus below.
Source | Created At | Title
Securityaffairs | a month ago | SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 6
Securityaffairs | a month ago | security-affairs-malware-newsletter-round-5
Securityaffairs | 8 months ago | CISA adds VMware vCenter Server bug to its Known Exploited Vulnerabilities catalog
Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 3
Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 2
Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 1
Securityaffairs | 3 months ago | Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | 3 months ago | Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION
BankInfoSecurity | 3 months ago | Chinese Hackers Used Open-Source Rootkits for Espionage
Securityaffairs | 3 months ago | Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | 4 months ago | Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | 4 months ago | Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | 5 months ago | Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | 5 months ago | Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | 5 months ago | Security Affairs newsletter Round 466 by Pierluigi Paganini
Securityaffairs | 6 months ago | Security Affairs newsletter Round 465 by Pierluigi Paganini
Securityaffairs | 6 months ago | Security Affairs newsletter Round 464 by Pierluigi Paganini
Securityaffairs | 6 months ago | Security Affairs newsletter Round 463 by Pierluigi Paganini
Securityaffairs | 6 months ago | Security Affairs newsletter Round 462 by Pierluigi Paganini