Greetings from the VMware Security Response Center!
Today we wanted to address CVE-2023-29552 – a vulnerability in SLP that could allow for a reflective denial-of-service amplification attack that was disclosed on April 25th, 2023.
VMware has investigated this vulnerability and determined that currently supported ESXi releases (ESXi 7.x and 8.x lines) are not impacted.
However, releases that have reached end of general support (EOGS) such as 6.7 and 6.5 have been found to be impacted by CVE-2023-29552. As per previous guidance and best practice VMware recommends that the best option to address CVE-2023-29552 is to upgrade to a supported release line that is not impacted by the vulnerability. ESXi 7.0 U2c and newer, and ESXi 8.0 GA and newer, ship with the SLP service hardened, disabled by default, and filtered by the ESXi firewall. In lieu of an upgrade to a supported release, ESXi admins should ensure that their ESXi hosts are not exposed to untrusted networks and also disable SLP following the instructions in KB76372.
VMware would like to thank Bitsight and CISA for reporting this vulnerability to us.