VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi

VMware

VMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution.

The list of vulnerabilities is as follows –

  • CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8) – Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could allow a bad actor with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet
  • CVE-2024-37081 (CVSS score: 7.8) – Multiple local privilege escalation vulnerabilities in VMware vCenter arising due to the misconfiguration of sudo that an authenticated local user with non-administrative privileges could exploit to obtain root permissions

This is not the first time VMware has addressed shortcomings in the implementation of the DCE/RPC protocol. In October 2023, the Broadcom-owned virtualization services provider patched another critical security hole (CVE-2023-34048, CVSS score: 9.8) that could also be abused to execute arbitrary code remotely.

Cybersecurity

Chinese cybersecurity company QiAnXin LegendSec researchers Hao Zheng and Zibo Li have been credited with discovering and reporting CVE-2024-37079 and CVE-2024-37080. The discovery of CVE-2024-37081 has been credited to Matei “Mal” Badanoiu at Deloitte Romania.

All three issues, which affect vCenter Server versions 7.0 and 8.0, have been addressed in versions 7.0 U3r, 8.0 U1e, and 8.0 U2d.

While there are no known reports of any of the vulnerabilities being actively exploited in the wild, it’s essential that users move quickly to apply the patches in light of their criticality.



Original Source


A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

To keep up to date follow us on the below channels.