CVE-2023-34048
CRITICAL
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.
Analysis
VMware vCenter Server contains an out-of-bounds write in the DCERPC protocol implementation allowing unauthenticated remote code execution, exploited by Chinese APT groups for ESXi infrastructure compromise.
Technical Context
The CWE-787 out-of-bounds write in the DCERPC protocol implementation allows an attacker on the network to corrupt memory through crafted protocol messages. Exploitation requires only network access to the vCenter Server's DCERPC port (port 443, used by the vSphere Client, embeds DCERPC handling).
Affected Products
VMware vCenter Server (affected versions before patches)
Remediation
Apply VMware security patches immediately. Check ESXi hosts for indicators of VirtualPita/VirtualPie. Restrict network access to vCenter management interfaces. Implement vCenter Server High Availability (VCHA) for detection.