Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080)
VMware by Broadcom has fixed two critical vulnerabilities affecting VMware vCenter Server and products that contain it: vSphere and Cloud Foundation.
"A malicious actor with network access to vCenter Server may trigger these vulnerabilities by sending a specially crafted network packet potentially leading to remote code execution," the company said, but noted that it is currently not aware of them being exploited "in the wild".
VMware vCenter Server is a popular server management solution for controlling vSphere environments.
At the same time, VMware has fixed several local privilege escalation vulnerabilities that may arise due to misconfiguration of sudo and may allow an authenticated local user with non-administrative privileges to elevate privileges to root on vCenter Server Appliance.
The three vulnerabilities have been privately reported by security researchers and affect vCenter Server versions 7.0 and 8.0, as well as Cloud Foundation versions 4.x and 5.x. Products that are past their End of General Support dates - i.e., vSphere 6.5 or 6.7 - "are not evaluated as part of security advisories. If your organization has extended support please use those processes to request assistance," the company said in an accompanying FAQ document.
"Many appliances, such as the vCenter Server Appliance, have firewalling capabilities accessible through the Virtual Appliance Management Interface. This firewall can be used to help restrict access and potentially help mitigate vulnerabilities."
News URL
https://www.helpnetsecurity.com/2024/06/18/cve-2024-37079-cve-2024-37080/
Related news
- VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812)
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability
- VMware fixes bad patch for critical vCenter Server RCE flaw
- Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE
- Critical RCE bug in VMware vCenter Server now exploited in attacks
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)
- Critical Zimbra RCE flaw exploited to backdoor servers using emails
- VMware fixes critical RCE, make-me-root bugs in vCenter - for the second time
- Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble
- PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987)