Security News > 2024 > June > VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi
2024-06-18 08:24
VMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution. The list of vulnerabilities is as follows - CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8) - Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could
News URL
https://thehackernews.com/2024/06/vmware-issues-patches-for-cloud.html
Related news
- It's Time to Master the Lift & Shift: Migrating from VMware vSphere to Microsoft Azure (source)
- Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern (source)
- Linux version of TargetCompany ransomware focuses on VMware ESXi (source)
- VMware by Broadcom warns of two critical vCenter flaws, plus a nasty sudo bug (source)
- Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080) (source)
- VMware fixes critical vCenter RCE vulnerability, patch now (source)
- UNC3886 hackers use Linux rootkits to hide on VMware ESXi VMs (source)
- Linux version of RansomHub ransomware targets VMware ESXi VMs (source)
- Week in review: CDK Global cyberattack, critical vCenter Server RCE fixed (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-18 | CVE-2024-37080 | vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. | 0.0 |
| 2024-06-18 | CVE-2024-37079 | vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. | 0.0 |