Critical Code Execution Vulnerabilities Patched in VMware vCenter Server

Serious vulnerabilities that can allow remote code execution and privilege escalation have been patched in VMware vCenter Server.

Broadcom-owned VMware has announced patches for several serious vCenter Server vulnerabilities that can allow remote code execution or privilege escalation.

Two heap-overflow vulnerabilities, tracked as CVE-2024-37079 and CVE-2024-37080 and classified as having critical severity, impact the implementation of the DCERPC protocol.

“A malicious actor with network access to vCenter Server may trigger these vulnerabilities by sending a specially crafted network packet potentially leading to remote code execution,” VMware said in its advisory.

VMware has credited researchers from Chinese cybersecurity company Qi An Xin for reporting the two flaws.

The same advisory also informs customers about CVE-2024-37081, a CVE assigned to multiple high-severity local privilege escalation vulnerabilities caused by the misconfiguration of Sudo.

“An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance,” the company explained.

Matei Badanoiu of Deloitte Romania has been credited for reporting these issues.

In an FAQ document, the company clarified that it’s not aware of attacks exploiting any of the three vulnerabilities in the wild.

vCenter Server versions 7.0 and 8.0 are impacted. Fixes for the vulnerabilities are included in versions 8.0 U2d, 8.0 U1e and 7.0 U3r.
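For triage, the fixed releases above can be turned into a small version check. This is an added example, not code from the article or from VMware; it assumes version strings in the "MAJOR.MINOR U<update><letter>" form used in the article, and it reports "unknown" for any release line the article does not list rather than guessing.

```python
import re
from typing import Optional, Tuple

# Fixed releases as stated in the article: each (major, minor, update) line
# is patched from the given letter suffix onward.
FIXED_RELEASES = {
    (8, 0, 2): "d",   # 8.0 U2d
    (8, 0, 1): "e",   # 8.0 U1e
    (7, 0, 3): "r",   # 7.0 U3r
}

# Assumed input shape: "8.0", "8.0 U2", "8.0 U2d" (case-insensitive)
VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\s*U(\d+)([a-z])?)?\s*$", re.IGNORECASE)


def parse_vcenter_version(text: str) -> Optional[Tuple[int, int, int, str]]:
    """Parse 'MAJOR.MINOR [U<update><letter>]' into (major, minor, update, letter).

    A GA build with no update ("8.0") is update 0; "U3" with no letter gets "".
    Returns None when the string is not in that shape.
    """
    m = VERSION_RE.match(text)
    if not m:
        return None
    major, minor, update, letter = m.groups()
    return int(major), int(minor), int(update or 0), (letter or "").lower()


def vcenter_patch_status(text: str) -> str:
    """Classify a vCenter version as 'patched', 'vulnerable' or 'unknown'
    with respect to the three CVEs covered by the advisory."""
    parsed = parse_vcenter_version(text)
    if parsed is None:
        return "unknown"
    major, minor, update, letter = parsed
    # Fix letters for the update lines of this major.minor release
    fixed = {u: l for (mj, mn, u), l in FIXED_RELEASES.items() if (mj, mn) == (major, minor)}
    if not fixed:
        return "unknown"        # only the 7.0 and 8.0 lines are covered here
    if update in fixed:
        # Same update line: patched once the letter reaches the fix ("" sorts first)
        return "patched" if letter >= fixed[update] else "vulnerable"
    if update < min(fixed):
        return "vulnerable"     # older update line than any listed fix
    return "unknown"            # newer update line not listed in the article
```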

The location of VMware security advisories changed recently and they are now available on the Broadcom Support Portal.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.