VMware · VMware vCenter Server · CVE-2024-38812
**Name of the Vulnerable Software and Affected Versions**
VMware vCenter Server versions 7.0 through 8.0
VMware Cloud Foundation versions 7.0 through 8.0
**Description**
VMware vCenter Server contains a heap-overflow vulnerability in its implementation of the DCERPC protocol. A malicious actor with network access to vCenter can trigger it by sending a specially crafted network packet, potentially leading to remote code execution. The vulnerability, tracked as CVE-2024-38812, carries a CVSS score of 9.8 and is being actively exploited. The initial patch released in September 2024 did not fully address the vulnerability, so a subsequent update was required. The vulnerability was also demonstrated during a hacking contest. Over 2,800 systems are exposed online.
**Recommendations**
Upgrade VMware vCenter Server 7.0 deployments to 7.0 Update 3t or later.
Upgrade VMware vCenter Server 8.0 deployments to 8.0 Update 2e or later.
Upgrade VMware Cloud Foundation 7.0 deployments to 7.0 Update 3t or later.
Upgrade VMware Cloud Foundation 8.0 deployments to 8.0 Update 2e or later.
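Because the first patch was incomplete, an inventory check has to compare each deployment against the re-issued fixed versions named above rather than just asking "was it patched in September". The following script is an added example, not part of the advisory or any VMware tooling. It assumes an inventory that records versions in the advisory's own "X.Y Update Nz" notation (mapping an appliance's build number to its Update name is left to VMware's release notes) and that, within one release line, update numbers sort numerically and the letter suffix sorts alphabetically with no suffix sorting first. Hostnames in the sample inventory are constructed.

```python
import re
from dataclasses import dataclass

# Fixed versions taken from the advisory's Recommendations, keyed by product and release line.
FIXED_VERSIONS = {
    "vCenter Server": {"7.0": "7.0 Update 3t", "8.0": "8.0 Update 2e"},
    "Cloud Foundation": {"7.0": "7.0 Update 3t", "8.0": "8.0 Update 2e"},
}

# Accepts "7.0 Update 3t", "8.0 Update 2", "7.0U3t" or a bare "8.0".
_VERSION_RE = re.compile(
    r"^\s*(\d+)\.(\d+)(?:\s*(?:Update|U)\s*(\d+)([a-z])?)?\s*$", re.IGNORECASE
)


@dataclass(frozen=True, order=True)
class VmwVersion:
    """Field order drives comparison: release line, then update number, then suffix letter."""
    major: int
    minor: int
    update: int
    letter: str  # "" sorts before "a", so "Update 2" < "Update 2a" (assumed VMware ordering)

    @property
    def line(self) -> str:
        return f"{self.major}.{self.minor}"


def parse_version(text: str) -> VmwVersion:
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, update, letter = m.groups()
    return VmwVersion(int(major), int(minor), int(update or 0), (letter or "").lower())


def assess(product: str, version_text: str) -> str:
    """Classify one inventory entry as patched, vulnerable, not covered or unparsed."""
    try:
        v = parse_version(version_text)
    except ValueError:
        return "unparsed"  # e.g. a raw dotted build string; needs manual mapping
    fixed_for_line = FIXED_VERSIONS.get(product, {}).get(v.line)
    if fixed_for_line is None:
        return "not covered"  # release line not named in this advisory
    return "patched" if v >= parse_version(fixed_for_line) else "vulnerable"


# Constructed sample inventory; hostnames and versions are made up for the example.
SAMPLE_INVENTORY = [
    ("vc-prod-01.example.internal", "vCenter Server", "7.0 Update 3s"),
    ("vc-prod-02.example.internal", "vCenter Server", "7.0 Update 3t"),
    ("vc-lab-01.example.internal", "vCenter Server", "8.0 Update 2"),
    ("vc-lab-02.example.internal", "vCenter Server", "8.0 Update 3"),
    ("vcf-mgmt-01.example.internal", "Cloud Foundation", "8.0 Update 2e"),
    ("vc-legacy.example.internal", "vCenter Server", "6.7 Update 3"),
]


def triage(inventory):
    """Return (hostname, status) pairs for every inventory entry."""
    return [(host, assess(product, ver)) for host, product, ver in inventory]


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY):
        print(f"{host:32} {status}")
```

The "or later" in the recommendations is honoured by ordinary ordering: a host on 8.0 Update 3 compares above 8.0 Update 2e and is reported as patched, while 8.0 Update 2 with no suffix compares below it. Entries the regex cannot parse are flagged rather than silently treated as safe.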