CVE-2023-34048: 
vSphere vCenter Server vulnerability analysis and mitigation

VMware vCenter Server contains a critical out-of-bounds write vulnerability (CVE-2023-34048) in the implementation of the DCERPC protocol, discovered and responsibly reported to VMware. The vulnerability was disclosed on October 25, 2023, and affects multiple versions of VMware vCenter Server and VMware Cloud Foundation. This vulnerability has received a CVSS v3.1 base score of 9.8 (Critical) (VMware Advisory).

The vulnerability exists as an out-of-bounds write flaw in the DCERPC protocol implementation of vCenter Server. The issue affects multiple versions including vCenter Server 8.0, 7.0, 6.7, 6.5, and Cloud Foundation versions 5.x, 4.x, and 3.x. The vulnerability has been assigned a Critical severity rating with a CVSSv3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating the highest level of severity (VMware Advisory, NVD).

The vulnerability allows a malicious actor with network access to vCenter Server to trigger an out-of-bounds write condition that could potentially lead to remote code execution. The critical severity rating indicates that successful exploitation could result in complete compromise of the affected system (VMware Advisory, Arctic Wolf).

VMware has released patches for all affected versions, including end-of-life products due to the critical nature of the vulnerability. Fixed versions include vCenter Server 8.0U2, 8.0U1d, 7.0U3o, 6.7U3T, and 6.5.0U3V. For Cloud Foundation, patches are available through KB88287 for versions 5.x and 4.x, and KB95194 for version 3.x. No viable in-product workarounds are available, making patching the only effective mitigation strategy (VMware Advisory).