<\/div>\n

Broadcom addressed a critical vulnerability in the VMware vCenter Server that could allow remote attackers to achieve code execution.<\/h2>\n\n\n\n

Broadcom released security updates to address a critical vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), in VMware vCenter Server<\/a> that could lead to remote code execution.<\/p>\n\n\n\n

vCenter Server is a critical component in VMware virtualization and cloud computing software suite. It serves as a centralized and comprehensive management platform for VMware\u2019s virtualized data centers.<\/gwmw><\/gwmw><\/p>\n\n\n\n

The vulnerability is a heap-overflow vulnerability that resides in the implementation of the DCERPC protocol. <\/p>\n\n\n\n

“A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.” reads the advisory<\/a>.<\/em><\/gwmw><\/p>\n\n\n\n

The company also addressed a privilege escalation vulnerability, tracked as CVE-2024-38813, in vCenter Server.<\/gwmw><\/p>\n\n\n\n

“A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet.” reads the advisory.<\/em><\/p>\n\n\n\n

zbl & srs of team TZL\u00a0discovered both vulnerabilities during the 2024 Matrix Cup<\/a> contest and reported the flaw to Broadcom. <\/p>\n\n\n\n

“These vulnerabilities are memory management and corruption issues which can be used against VMware vCenter services, potentially allowing remote code execution.” states the company<\/a>.<\/em><\/p>\n\n\n\n

The virtualization giant addressed the vulnerabilities with the release of the following versions:<\/p>\n\n\n\n

\n
• vCenter Server 8.0 U3b and 7.0 U3s<\/li>\n\n\n\n
• VMware Cloud Foundation 5.x (Fixed in 8.0 U3b as an asynchronous patch)<\/li>\n\n\n\n
• VMware Cloud Foundation 4.x (Fixed in 7.0 U3s as an asynchronous patch)<\/li>\n<\/ul>\n\n\n\n

  Broadcom it’s not aware of attacks in the wild exploiting these vulnerabilities. <\/p>\n\n\n\n

  In June, VMware addressed multiple vCenter Server vulnerabilities that remote attackers can exploit to achieve remote code execution or privilege escalation.<\/p>\n\n\n\n

  Two heap-overflow flaws, tracked as CVE-2024-37079 and CVE-2024-37080<\/a> respectively, impacted the implementation of the DCERPC protocol.<\/p>\n\n\n\n

  Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/strong><\/a><\/p>\n\n\n\n

  Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n

  (<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, VMware )\u00a0<\/strong><\/gwmw><\/p>\n","protected":false},"excerpt":{"rendered":"

  Broadcom addressed a critical vulnerability in the VMware vCenter Server that could allow remote attackers to achieve code execution. Broadcom released security updates to address a critical vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), in VMware vCenter Server that could lead to remote code execution. vCenter Server is a critical component in VMware virtualization and […]<\/p>\n","protected":false},"author":1,"featured_media":116235,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3323,55],"tags":[15376,4112,9508,9506,10918,841,1533,10686],"class_list":["post-168536","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-breaking-news","category-security","tag-cve-2024-38812","tag-hacking","tag-hacking-news","tag-information-security-news","tag-it-information-security","tag-security-affairs","tag-security-news","tag-vmware-vcenter-server"],"yoast_head":"\n