Critical Vulnerabilities Open VMware VMs to Remote Code Execution

VMware has released updates to fix critical vulnerabilities affecting vCenter Server, Cloud Foundation, and vSphere ESXi. Learn more about the flaws that allow remote code execution and privilege escalation attacks.

June 20, 2024

VMware logo on smartphone (Credits: Shutterstock.com)

  • VMware has released updates addressing critical vulnerabilities affecting the vCenter Server.
  • The vulnerabilities CVE-2024-37079, CVE-2024-37080, and CVE-2024-37081 enable threat actors to run remote code execution and privilege escalation attacks.

Broadcom-owned VMware has released patches to fix critical vulnerabilities in vCenter Server. Threat actors could use these flaws to run privilege escalation and remote code execution attacks. Two of the three vulnerabilities are classified as critical.

CVE-2024-37079 and CVE-2024-37080 both carry a CVSS score of 9.8. They are heap-overflow vulnerabilities in vCenter Server's implementation of the DCE/RPC protocol that could allow a threat actor with network access to a vCenter Server to trigger the overflow with a specially crafted packet, which could lead to remote code execution. CVE-2024-37081, on the other hand, has a CVSS score of 7.8 and enables privilege escalation to root through a sudo misconfiguration.


The first two vulnerabilities were discovered by QiAnXin LegendSec researchers, while a researcher at Deloitte Romania found the latter. These vulnerabilities affect vCenter Server versions 7.0 and 8.0, and the patches are available in the 7.0 U3r, 8.0 U1e, and 8.0 U2d updates.
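As an added example (not code from the article or from VMware), the following Python helper classifies an installed vCenter Server version string against the fixed releases named above; the "x.y Un<letter>" version format, the assumption that patch letters are ordered a < b < c, and the sample inventory are all assumptions, and update lines the article does not list are reported as "unknown" rather than guessed.

```python
import re

# Constructed from the fixed releases the article names: 7.0 U3r, 8.0 U1e, 8.0 U2d.
# Key: (release line, update number) -> first patch letter carrying the fix.
FIXED_RELEASES = {("7.0", 3): "r", ("8.0", 1): "e", ("8.0", 2): "d"}
AFFECTED_LINES = {"7.0", "8.0"}

# Matches the "<major>.<minor> U<n><letter>" naming of vCenter updates, e.g. "8.0 U2c" (assumption).
VERSION_RE = re.compile(r"^(?P<line>\d+\.\d+)\s*U(?P<update>\d+)(?P<patch>[a-z]?)$", re.I)


def parse_version(text):
    """Return (line, update, patch) from e.g. '8.0 U2c'; patch is '' for a base update."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised vCenter version string: {text!r}")
    return m.group("line"), int(m.group("update")), m.group("patch").lower()


def assess(text):
    """Classify an installed version as 'fixed', 'vulnerable' or 'unknown'.

    Assumption: patch letters are ordered a < b < ... within one update line.  Release
    or update lines the article does not list come back as 'unknown', not guessed.
    """
    line, update, patch = parse_version(text)
    if line not in AFFECTED_LINES:
        return "unknown"
    first_fixed = FIXED_RELEASES.get((line, update))
    if first_fixed is not None:
        # Same update line as a fix: fixed from the listed letter onward.
        return "fixed" if patch >= first_fixed else "vulnerable"
    # Older update line than any fixed release on this line: needs the listed update.
    if update < min(u for (ln, u) in FIXED_RELEASES if ln == line):
        return "vulnerable"
    return "unknown"


def triage(inventory):
    """Map host name -> status for a {host: version} inventory."""
    return {host: assess(version) for host, version in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory; host names and versions are illustrative only.
    sample = {"vc-prod-01": "8.0 U2d", "vc-prod-02": "8.0 U2a",
              "vc-lab-01": "7.0 U3q", "vc-legacy": "7.0 U2", "vc-new": "8.0 U3"}
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```

Note that 8.0 U2a is reported as vulnerable even though it is newer than the fixed 8.0 U1e: the fix has to be present on the installed update line itself.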

This is not the first time VMware has had to fix flaws in its implementation of the DCE/RPC protocol: CVE-2023-34048, a remote code execution bug with a CVSS score of 9.8, was patched by Broadcom in late 2023. While the new vulnerabilities have not been exploited in the wild so far, applying the updates is recommended as a high priority owing to their critical nature.


Anuj Mudaliar
Anuj Mudaliar is a content development professional with a keen interest in emerging technologies, particularly advances in AI. As a tech editor for Spiceworks, Anuj covers many topics, including cloud, cybersecurity, emerging tech innovation, AI, and hardware. When not at work, he spends his time outdoors - trekking, camping, and stargazing. He is also interested in cooking and experiencing cuisine from around the world.