VMware ESXi Shadow Copy Service Information Disclosure Vulnerability

Sep 12, 2023

Emma Rodriguez

3254 views

Summary

An information disclosure vulnerability in the VMware ESXi Shadow Copy Service allows an attacker to access sensitive information from virtual machine snapshots.

Description

VMware ESXi contains an information disclosure vulnerability in the Shadow Copy Service that could allow an attacker with local access to a host to access sensitive information from virtual machine snapshots. The Shadow Copy Service is used to create and manage point-in-time copies (snapshots) of virtual machines.

Due to improper access controls, an attacker with local access to the ESXi host could potentially access snapshot data from virtual machines, including memory dumps and disk snapshots that may contain sensitive information such as credentials, encryption keys, or confidential data.

This vulnerability affects the snapshot management functionality in ESXi and could lead to unauthorized access to sensitive data across multiple virtual machines hosted on the affected ESXi server.

Affected Products

ESXi 8.0 before ESXi80U1e-22654752
ESXi 7.0 before ESXi70U3r-22750912
ESXi 6.7 before ESXi670-202309101-SG

CVSS Score

7.1

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

References

About the Author

Emma Rodriguez

Security Researcher

Emma specializes in virtualization security with a focus on data protection and privacy issues.

Related Vulnerabilities

CVE-2023-20900

Medium

VMware ESXi NVMe Controller Out-of-Bounds Read Vulnerability

An out-of-bounds read vulnerability in the VMware ESXi NVMe controller allows a guest virtual machine to read hypervisor memory, potentially leading to information disclosure.