CVE-2023-34048

KEV

Published: Ott 25, 2023 Last Modified: Ott 30, 2025

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 9,8

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,9321

Percentile

1,0th

Updated

EPSS Score Trend (Last 90 Days)

787

Out-of-bounds Write

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Availability Other

Potential Impacts:

Modify Memory Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Unexpected State

Applicable Platforms

Languages: Assembly, C, C++, Memory-Unsafe

Technologies: ICS/OT

Likelihood of Exploit: High

View CWE Details

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 8.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:8.0:c:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 8.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:8.0:b:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update3n:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update3l:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update3k:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update3j:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version Range Affected

From 4.0 (inclusive)

To 5.5 (inclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 8.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:8.0:update1c:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update3m:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 8.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:8.0:update1b:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 8.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:8.0:update1a:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 8.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:8.0:update1:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 8.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:8.0:-:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update3i:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 8.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:8.0:a:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Vcenter Server by Vmware

Product Information

Vendor Vmware

Product Vcenter Server

Version 7.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://www.cisa.gov/known-exploited-vulnerabilities-catalo…

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023…

https://www.vicarius.io/vsociety/posts/understanding-cve-20…

https://www.vicarius.io/vsociety/posts/understanding-cve-2023-34048-a-zero-day-…

https://www.vmware.com/security/advisories/VMSA-2023-0023.h…

https://www.vmware.com/security/advisories/VMSA-2023-0023.html

https://www.vmware.com/security/advisories/VMSA-2023-0023.h…

https://www.vmware.com/security/advisories/VMSA-2023-0023.html