Security News > 2024 > June > VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi
2024-06-18 08:24
VMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution. The list of vulnerabilities is as follows - CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8) - Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could
News URL
https://thehackernews.com/2024/06/vmware-issues-patches-for-cloud.html
Related news
- VMware patches remote make-me-root holes in vCenter Server, Cloud Foundation (source)
- Broadcom fixes critical RCE bug in VMware vCenter Server (source)
- Critical VMware vCenter Server bugs fixed (CVE-2024-38812) (source)
- Week in review: Critical VMware vCenter Server bugs fixed, Apple releases iOS 18 (source)
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
- VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE (source)
- Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution (source)
- VMware fixes critical RCE, make-me-root bugs in vCenter - for the second time (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-18 | CVE-2024-37080 | Out-of-bounds Write vulnerability in VMWare Vcenter Server 7.0/8.0 vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. | 9.8 |
| 2024-06-18 | CVE-2024-37079 | Out-of-bounds Write vulnerability in VMWare Vcenter Server 7.0/8.0 vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. | 9.8 |