Broadcom Releases Critical Security Updates for VMware vCenter Server and Cloud Foundation
Summary
Advisory addresses three vulnerabilities that could result in privilege escalation or remote code execution
Affected platforms
The following platforms are known to be affected:
Threat details
Introduction
Broadcom has issued an advisory addressing three security vulnerabilities in VMware vCenter Server, the centralised management utility for virtual machines and hosts, and VMware Cloud Foundation, the private cloud platform.
Vulnerability details
- CVE-2024-37079 is a heap-overflow vulnerability in VMware vCenter Server with a CVSSv3 score of 9.8. A malicious attacker with network access to vCenter Server could trigger this vulnerability by sending a specially crafted network packet, potentially leading to remote code execution.
- CVE-2024-37080 is also a heap-overflow vulnerability in VMware vCenter Server with a CVSSv3 score of 9.8. A malicious attacker with network access to vCenter Server could trigger this vulnerability by sending a specially crafted network packet, potentially leading to remote code execution.
- CVE-2024-37081 is a privilege escalation vulnerability in vCenter Server with a CVSSv3 score of 7.8. An authenticated local attacker with non-administrative privileges could exploit this issue to elevate privileges to root on the vCenter Server Appliance.
Proof-of-concept exploit code has been published for CVE-2024-37081
Proof-of-concept exploit code for CVE-2024-37081 has been publicly released. Exploitation is considered more likely.
Threat updates
| Date | Update |
|---|---|
| 9 Jul 2024 | Proof-of-concept released for exploitation of CVE-2024-37081 |
Remediation advice
Affected organisations are encouraged to review Broadcom's VMware advisory VMSA-2024-0012 and apply the relevant updates.
Definitive source of threat updates
CVE Vulnerabilities
Last edited: 9 July 2024 3:02 pm