VMware, a leading virtualization company, has released software patches to fix various memory corruption vulnerabilities found in vCenter Server. These vulnerabilities have the potential to be exploited for remote code execution. The software’s implementation of the DCERPC protocol had five security flaws addressed, four of which were considered ‘important’ by VMware, with a CVSS score of 8.1.
Among these issues, two were specifically identified as CVE-2023-20892 (caused by uninitialized memory) and CVE-2023-20893. As stated in VMware’s advisory, these vulnerabilities could allow malicious actors to execute arbitrary code.
Read More: VMware Patches Code Execution Vulnerabilities in vCenter Server
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.