VMware confirms critical vCenter flaw now exploited in attacks

VMware confirmed that CVE-2023-34048, a critical out-of-bounds write in vCenter Server's DCE/RPC implementation allowing unauthenticated remote code execution, is being exploited in the wild; VMware has issued patches (including for some EOL products) and urged strict network perimeter restrictions because no workaround exists. The report warns that over 2,000 vCenter servers are exposed online, increasing risk that access brokers and ransomware groups targeting VMware ESXi will leverage this vulnerability to breach networks and deploy ransomware.