Two critical vulnerabilities in VMware’s vCenter Server platform were recently patched by Broadcom, with the more severe of the two being CVE-2024-38812. The company notes that there is a possibility of Remote Code Execution (RCE) attacks as a result of the vulnerability.
VMware vCenter Server is a widely used application in many organizations for managing virtual machines and ESXi hosts, which makes these vulnerabilities particularly concerning.
A heap overflow vulnerability in the Distributed Computing Environment/Remote Procedure Call (DCERPC) protocol is the cause of the CVE-2024-38812 (CVSS: 9.8) issue. By delivering a specially crafted network packet, an attacker with access to the vCenter Server network might take advantage of this vulnerability and potentially cause RCE and complete system compromise.
This vulnerability in VMware vCenter Server allows for privilege escalation. With a CVSSv3 base score of 7.5, this flaw can be exploited by an attacker with network access. By sending a specially crafted network packet, the attacker could elevate their privileges to root, potentially compromising the entire system.
We strongly recommend that customers upgrade to the latest fixed version. Potential in-product workarounds were explored but found to be unfeasible.
Product | Affected Version | Fixed Version |
VMware vCenter | 8.0 | |
7.0 | ||
VMware Cloud Foundation | 5.x | |
4.x |
Please adhere to your organization’s patching and testing procedures to reduce any possible operational impact.
Citrix published a security bulletin on October 10, 2023, regarding a vulnerability (CVE-2023-4966) that affects the NetScaler ADC and NetScaler […]
Remote Desktop Software AnyDesk recently faced a cyberattack. On February 1st, 2024, AnyDesk revealed that a cyber attack had allowed […]
Rapid7 Managed Detection and Response (MDR) found potential exploitation of Apache ActiveMQ CVE-2023-46604 in two distinct customer scenarios on Friday, […]