The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted packet leading to denial-of-service of certain services (vmcad, vmdird, and vmafdd).

Related CVEs

CVE-2023-20896

Key Information

GHSA ID

GHSA-fm8c-6m3x-v3rf

Published

June 22, 2023 3:30 PM

Last Modified

April 4, 2024 5:00 AM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 28, 2025 6:37 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.