top of page

VMware Updates vCenter and ESXi to Fix Critical Vulnerabilities Rated 9.8

The following report is intended to notify suspicious activity that has been observed and/or detected by our SOC specialists to avoid the existence of a security incident.


VMware vCenter Server


VMware vCenter Server Updates


Multiple stack overflow and privilege escalation vulnerabilities have been discovered in VMware vCenter Server updates.


A malicious actor with network access to vCenter Server can trigger these vulnerabilities by sending a specially crafted network packet that could lead to remote code execution and take over the system.

Threat  

Vulnerability

Affected products

Stack Overflow and Privilege Escalation Vulnerabilities in VMware vCenter Server Upgrades.

CVE-2024-37079 

CVE-2024-37080 

CVE-2024-37081 

VMware vCenter Server 

VMware Cloud Foundation 

Table 1. Threat Details


CVE-2024-37079: Stack overflow vulnerability in VMware vCenter Server. An attacker can execute arbitrary code on the affected server and allow an unauthenticated remote attacker to compromise the integrity and availability of the system.


CVE-2024-37080: Privilege escalation vulnerability in VMware vCenter Server. An attacker with local access increases his or her administrative privileges and performs unauthorized operations on the system by taking control of it.


CVE-2024-37081: Privilege escalation vulnerability in VMware vCenter Server, similar to CVE-2024-37080, allows an attacker with limited privileges to escalate privileges and execute commands with elevated rights.


References


Fixed versions and release notes.



Recommendations


Patch and implement security updates provided by VMware without delay.


  • Ensure that different parts of the network are segmented to limit lateral movement of attackers.

  • Establish a risk-based remediation strategy documented in a remediation process, with monthly or more frequent reviews.

  • Perform operating system updates on company assets through automated patch management on a monthly or more frequent basis.

  • Apply the updates listed in the "Fixed Version" column of the "Response Matrix" below to the affected deployments.

  • Establish a penetration testing program appropriate to the size, complexity and maturity of the company.

0 comments

Comments


bottom of page