vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.
CISA Catalog
Date Added
Due Date
Vulnerability Name
Required Action
2024-01-22
2024-02-12
VMware vCenter Server Out-of-Bounds Write Vulnerability
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Date Added: 2024-01-22
Due Date: 2024-02-12
Vulnerability Name: VMware vCenter Server Out-of-Bounds Write Vulnerability
Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.