| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2023-34048 | VMware vCenter Server Out-of-Bounds Write Vulnerability | secondary_impact | T1588.001 | Malware |
Comments
This vulnerability is exploited by an adversary who has already gained network access to the vCenter Server. The adversary sends a crafted payload to the server that has a vulnerable DCERPC protocol and causes an out-of-bounds write on the jmp rax instruction. Adversary group UNC3886 has been attributed to leveraging this vulnerability in the wild to establish a backdoor in victim vCenter servers.
References
|
| CVE-2023-34048 | VMware vCenter Server Out-of-Bounds Write Vulnerability | primary_impact | T1203 | Exploitation for Client Execution |
Comments
This vulnerability is exploited by an adversary who has already gained network access to the vCenter Server. The adversary sends a crafted payload to the server that has a vulnerable DCERPC protocol and causes an out-of-bounds write on the jmp rax instruction. Adversary group UNC3886 has been attributed to leveraging this vulnerability in the wild to establish a backdoor in victim vCenter servers.
References
|