Security News > 2024 > September > Week in review: Critical VMware vCenter Server bugs fixed, Apple releases iOS 18

Week in review: Critical VMware vCenter Server bugs fixed, Apple releases iOS 18
2024-09-22 08:00

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Critical VMware vCenter Server bugs fixed (CVE-2024-38812) Broadcom has released fixes for two vulnerabilities affecting VMware vCenter Server that can be triggered by sending a specially crafted network packet, and could lead to remote code execution (CVE-2024-38812) or privilege escalation (CVE-2024-38813). Apple releases iOS 18, with security and privacy improvements Apple has launched iOS 18, the latest significant iteration of … More → The post Week in review: Critical VMware vCenter Server bugs fixed, Apple releases iOS 18 appeared first on Help Net Security.


News URL

https://www.helpnetsecurity.com/2024/09/22/week-in-review-critical-vmware-vcenter-server-bugs-fixed-apple-releases-ios-18/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-09-17 CVE-2024-38813 Improper Check for Dropped Privileges vulnerability in VMWare Vcenter Server 7.0/8.0
The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet.
network
low complexity
vmware CWE-273
critical
9.8
2024-09-17 CVE-2024-38812 Out-of-bounds Write vulnerability in VMWare Vcenter Server 7.0/8.0
The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
network
low complexity
vmware CWE-787
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349
Vmware 146 11 222 256 102 591