Security News > 2024 > June > VMware fixes critical vCenter RCE vulnerability, patch now
VMware has issued a security advisory addressing critical vulnerabilities in vCenter Server, including remote code execution and local privilege escalation flaws.
VMware vCenter Server is a central management platform for VMware vSphere, enabling the management of virtual machines and ESXi hosts.
CVE-2024-37079: A heap-overflow vulnerability in the DCERPC protocol implementation of vCenter Server that allows a malicious actor with network access to send specially crafted packets, potentially leading to remote code execution.
CVE-2024-37080: Another heap overflow vulnerability in the DCERPC protocol of vCenter Server.
CVE-2024-37081: This vulnerability arises from a misconfiguration of sudo in vCenter Server, permitting an authenticated local user to exploit this flaw to elevate their privileges to root on the vCenter Server Appliance.
The above flaws impact VMware vCenter Server versions 7.0 and 8.0 and VMware Cloud Foundation versions 4.x and 5.x. Security updates were made available in VMware vCenter Server 8.0 U2d, 8.0 U1e, and 7.0 U3r.
News URL
Related news
- Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-18 | CVE-2024-37081 | The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance. | 0.0 |
| 2024-06-18 | CVE-2024-37080 | Out-of-bounds Write vulnerability in VMWare Vcenter Server 7.0/8.0 vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. | 9.8 |
| 2024-06-18 | CVE-2024-37079 | Out-of-bounds Write vulnerability in VMWare Vcenter Server 7.0/8.0 vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. | 9.8 |