Patch Issued for Crucial VMware vCenter Flaw Permitting Distant Code Execution

Sep 18, 2024Ravie LakshmananVirtualization / Community Safety

Broadcom on Tuesday launched updates to deal with a important safety flaw impacting VMware vCenter Server that would pave the best way for distant code execution.

The vulnerability, tracked as CVE-2024-38812 (CVSS rating: 9.8), has been described as a heap-overflow vulnerability within the DCE/RPC protocol.

“A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution,” the virtualization providers supplier mentioned in a bulletin.

Cybersecurity

The shortcoming is just like two different distant code execution flaws, CVE-2024-37079 and CVE-2024-37080 (CVSS scores: 9.8), that VMware resolved in vCenter Server in June 2024.

Additionally addressed by VMware is a privilege escalation flaw within the vCenter Server (CVE-2024-38813, CVSS rating: 7.5) that would allow a malicious actor with community entry to the occasion to escalate privileges to root by sending a specifically crafted community packet.

Safety researchers zbl and srs of group TZL have been credited with discovering and reporting the 2 flaws throughout the Matrix Cup cybersecurity competitors held in China again in June 2024. They’ve been mounted within the under variations –

  • vCenter Server 8.0 (Mounted in 8.0 U3b)
  • vCenter Server 7.0 (Mounted in 7.0 U3s)
  • VMware Cloud Basis 5.x (Mounted in 8.0 U3b as an asynchronous patch)
  • VMware Cloud Basis 4.x (Mounted in 7.0 U3s as an asynchronous patch)

Broadcom mentioned it is not conscious of malicious exploitation of the 2 vulnerabilities, however has urged prospects to replace their installations to the most recent variations to safeguard in opposition to potential threats.

“These vulnerabilities are memory management and corruption issues which can be used against VMware vCenter services, potentially allowing remote code execution,” the corporate mentioned.

Cybersecurity

The event comes because the U.S. Cybersecurity and Infrastructure Safety Company (CISA) and the Federal Bureau of Investigation (FBI) launched a joint advisory urging organizations to work in direction of eliminating cross-site scripting (XSS) flaws that menace actors might exploit to breach methods.

“Cross-site scripting vulnerabilities arise when manufacturers fail to properly validate, sanitize, or escape inputs,” the federal government our bodies mentioned. “These failures allow threat actors to inject malicious scripts into web applications, exploiting them to manipulate, steal, or misuse data across different contexts.”

Discovered this text fascinating? Comply with us on Twitter and LinkedIn to learn extra unique content material we publish.

Recent articles

How AI Is Reworking IAM and Id Safety

Lately, synthetic intelligence (AI) has begun revolutionizing Id Entry...

Vietnamese Hacker Group Deploys New PXA Stealer Focusing on Europe and Asia

Nov 15, 2024Ravie LakshmananMalware / Credential Theft A Vietnamese-speaking risk...

Excessive-Severity Flaw in PostgreSQL Permits Hackers to Exploit Surroundings Variables

Nov 15, 2024Ravie LakshmananVulnerability / Database Safety Cybersecurity researchers have...

CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Assault Confirmed

Nov 15, 2024Ravie LakshmananCommunity Safety / Vulnerability The U.S. Cybersecurity...