Headline
VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi
VMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution. The list of vulnerabilities is as follows -
CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8) - Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could
Network Security / Vulnerability
VMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution.
The list of vulnerabilities is as follows -
CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8) - Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could allow a bad actor with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet
CVE-2024-37081 (CVSS score: 7.8) - Multiple local privilege escalation vulnerabilities in VMware vCenter arising due to the misconfiguration of sudo that an authenticated local user with non-administrative privileges could exploit to obtain root permissions
This is not the first time VMware has addressed shortcomings in the implementation of the DCE/RPC protocol. In October 2023, the Broadcom-owned virtualization services provider patched another critical security hole (CVE-2023-34048, CVSS score: 9.8) that could also be abused to execute arbitrary code remotely.
Chinese cybersecurity company QiAnXin LegendSec researchers Hao Zheng and Zibo Li have been credited with discovering and reporting CVE-2024-37079 and CVE-2024-37080. The discovery of CVE-2024-37081 has been credited to Matei “Mal” Badanoiu at Deloitte Romania.
All three issues, which affect vCenter Server versions 7.0 and 8.0, have been addressed in versions 7.0 U3r, 8.0 U1e, and 8.0 U2d.
While there are no known reports of any of the vulnerabilities being actively exploited in the wild, it’s essential that users move quickly to apply the patches in light of their criticality.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Related news
Broadcom on Tuesday released updates to address a critical security flaw impacting VMware vCenter Server that could pave the way for remote code execution. The vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), has been described as a heap-overflow vulnerability in the DCE/RPC protocol. "A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a
A trio of bugs could allow hackers to escalate privileges and remotely execute code on virtual machines deployed across cloud environments.
An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical vulnerability in VMware vCenter Server as a zero-day since late 2021. "UNC3886 has a track record of utilizing zero-day vulnerabilities to complete their mission without being detected, and this latest example further
VMware is warning of a critical and unpatched security flaw in Cloud Director that could be exploited by a malicious actor to get around authentication protections. Tracked as CVE-2023-34060 (CVSS score: 9.8), the vulnerability impacts instances that have been upgraded to version 10.5 from an older version. "On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with
Hello everyone! October was an interesting and busy month for me. I started a new job, worked on my open source Vulristics project, and analyzed vulnerabilities using it. Especially Linux vulnerabilities as part of my new Linux Patch Wednesday project. And, of course, analyzed Microsoft Patch Tuesday as well. In addition, at the end of […]
Plus: Major vulnerability fixes are now available for a number of enterprise giants, including Cisco, VMWare, Citrix, and SAP.
VMware vCenter Servers need immediate patch against critical RCE bug as race against threat actors begins.
Categories: Business Categories: Exploits and vulnerabilities Categories: News Tags: VMWare Tags: vCenter Server Tags: CVE-2023-34056 Tags: CVE-2023-34048 Tags: DCE/RPC Tags: out of bounds write Tags: information disclosure Tags: remote code execution VMWare has issued an update to address out-of-bounds write and information disclosure vulnerabilities in its server management software, vCenter Server. (Read more...) The post Update vCenter Server now! VMWare fixes critical vulnerability appeared first on Malwarebytes Labs.
VMware has released security updates to address a critical flaw in the vCenter Server that could result in remote code execution on affected systems. The issue, tracked as CVE-2023-34048 (CVSS score: 9.8), has been described as an out-of-bounds write vulnerability in the implementation of the DCE/RPC protocol. "A malicious actor with network access to vCenter Server may trigger an out-of-bounds