CVE-2023-20894

Name of the Vulnerable Software and Affected Versions VMware vCenter Server (affected versions not specified)

Description The issue is caused by a buffer overflow in the memory of the DCERPC protocol implementation in VMware vCenter Server. This can be exploited by a remote attacker to cause a denial of service or execute arbitrary code. A malicious actor with network access to vCenter Server can trigger memory corruption by sending a specially crafted packet, leading to an out-of-bounds write.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.