Critical Vulnerability in VMware vCenter Server

VMware has released emergency security updates to address a critical vulnerability in VMware vCenter Server. The vulnerability (CVE-2023-34048) has a Common Vulnerability Scoring System (CVSSv3) score of 9.8 out of 10. 

Successful exploitation of the vulnerability can trigger an out-of-bounds write, potentially leading to remote code execution (RCE).

The vulnerability affects the following products:

• VMware vCenter Server

• VMware Cloud Foundation

Due to the critical severity of this vulnerability and the lack of a workaround, VMware has also issued updates for multiple end-of-life (EOL) products versions.

Users and administrators of affected products are advised to update to the latest version immediately. 

More information is available here:
https://www.vmware.com/security/advisories/VMSA-2023-0023.html