SB2023091109 - Fedora 39 update for open-vm-tools

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023091109

SB2023091109 - Fedora 39 update for open-vm-tools

Published: September 11, 2023

Security Bulletin ID SB2023091109
Severity
High
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Adjecent network
Highest impact Code execution

Breakdown by Severity

High 50% Medium 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Improper Authentication (CVE-ID: CVE-2023-20867)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in the vgauth module. An attacker who compromised the ESXi host can bypass authentication process and execute privileged commands across Windows, Linux, and PhotonOS (vCenter) guest VMs without authentication of guest credentials from a compromised ESXi host and no default logging on guest VMs.

Note, the vulnerability is being actively exploited in the wild by the UNC3886 APT actor.


2) Cryptographic issues (CVE-ID: CVE-2023-20900)

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to improper verification of SAML token signature. A remote attacker can bypass SAML token signature verification and perform man-in-the-middle (MITM) network positioning between vCenter server and the virtual machine.


Remediation

Install update from vendor's website.

References