VMware Vulnerabilities in 2023: What you need to know and do.

November 09, 2023 || Strategix Technology Solutions

Strategix Technology Solutions’ Professional Services Director Maziar Mahmoudi breaks down 2023’s most prominent VMware Common Vulnerabilities and Exposures (CVEs) - and what your business can do to mitigate them.

Ransom Timeline

VMware Security Advisories is a platform that breaks down all of the most recent VMware CVEs (you can read my explainer blog on what VMware CVEs are here).

The Security Advisories platform provides insights and information into the level of CVE, the remediation required to address it, and its overall status.

Another site, CVEdetails.com, also provides a list of VMware CVEs but it adds on some interesting statistics that highlight how important it is for companies to pay attention to the risks and the CVE notifications.

According to CVEdetails, 296 CVEs were created on 10 October 2023, 643 were created throughout the week starting 02 October, and 2,326 were created in a month. Out of those reported in the last 10 years, nearly 31,000 were rated as 9+ (extremely critical) while the majority (40,772) were rated at an average of 7.6.

What are the most notable CVEs of 2023?

  • VMSA-2023-0019.1 – this sits in the 7.5 range and impacts VMware Tools with a SAML token signature bypass vulnerability.
  • VMSA-2023-0018.1 – this is ranked with a CVE score of 9.8 and it highlights multiple vulnerabilities in Aria Operations for Networks.
  • VMSA-2023-0014 – ranked at 8.1, this impacts VMware vCenter Server and VMware Cloud Foundation with a heap overflow vulnerability.
  • VMSA-2023-0012.2 – ranked at 9.8, this CVE outlines multiple vulnerabilities in Aria Operations for Networks.
  • VMSA-2023-0009 – this vulnerability is ranked at 8.8 and it again is affecting VMware Aria Operations.

What are the VMware vulnerability statistics?

CVEdetails has created a map of vulnerability trends over time which highlights how significantly the landscape has changed over the years. For example, in 2020, memory corruption was the dominant vulnerability trend, one that’s reflected in 2023, while in 2017 overflow was the most common vulnerability and this trend has not been repeated since. In fact, overflow has seen little traction since then, while memory corruption, XSS, and SSRF have become increasingly popular.

When these vulnerabilities are looked at by impact types, 2023 has predominantly dealt with code execution, privilege escalation and denial of service while 2022 dealt with code execution, privilege escalation and information leaks.

All of these vulnerabilities are a threat to your business

Which is why Strategix is developing a free vulnerability checker (launching soon!) so you can double-check if your VMware environment is secure. Powered by Hakware Archangel, the checker will send you a vulnerability report for ESXi and Vcenter that allows you to vanquish your vulnerabilities.

It is essential that you stay ahead of these threats. You need to act before cybercriminals clamber into your business by making your platform as bulletproof as possible. You can use the insights from the free report provided by Strategix to strengthen your security posture or to collaborate with our cyber-experts to undertake a detailed audit that will outline the best possible route to protecting your organisation and staying ahead of the threats.

Recent Posts