VMware · vCenter Server · CVE-2024-37079
**Name of the Vulnerable Software and Affected Versions**
VMware vCenter Server versions prior to 8.0U2d, 8.0U1e, and 7.0U3r
**Description**
VMware vCenter Server contains a heap-overflow vulnerability in its implementation of the DCERPC protocol. This out-of-bounds write allows a malicious actor with network access to vCenter Server to trigger the flaw by sending a specially crafted network packet, potentially leading to remote code execution. The vulnerability is being actively exploited in the wild, and CISA has added it to its Known Exploited Vulnerabilities Catalog. Successful exploitation can enable broad takeover of, and lateral movement across, an organization's virtual infrastructure. The vulnerability carries a CVSS score of 9.8 (critical).
**Recommendations**
Update VMware vCenter Server to version 8.0U2d or later.
Update VMware vCenter Server to version 8.0U1e or later.
Update VMware vCenter Server to version 7.0U3r or later.
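The three fixed releases above each close the flaw on a separate update train (7.0U3, 8.0U1, 8.0U2), and vCenter's "MAJOR.MINOR U<n><letter>" version strings do not compare correctly as plain strings ("8.0U1e" sorts after "8.0U2c"). The following added example, which is not VMware's code nor part of this advisory, parses such version strings into comparable tuples and reports whether a given build falls before the fix named here. It assumes the version format shown on this page; release lines the advisory does not mention (for instance a later 8.0 update train, or 6.x) are reported as not covered rather than guessed.

```python
import re
from typing import Optional, Tuple

# Fixed versions named in the advisory: "prior to 8.0U2d, 8.0U1e, and 7.0U3r".
# Each is keyed by its (major, minor, update) train.
FIXED_VERSIONS = {
    (8, 0, 2): "8.0U2d",
    (8, 0, 1): "8.0U1e",
    (7, 0, 3): "7.0U3r",
}

# Assumption: vCenter versions look like "8.0", "8.0U1" or "7.0U3r".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:U(\d+)([a-z])?)?$", re.IGNORECASE)


def parse_version(text: str) -> Tuple[int, int, int, int]:
    """Parse a vCenter-style version such as '7.0U3r' into a comparable tuple.

    Returns (major, minor, update, patch_rank): the GA release of a line has
    update 0, and the patch letter is ranked a=1, b=2, ... with 0 meaning no
    letter, so tuples compare in release order.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised vCenter version: {text!r}")
    major, minor, update, letter = m.groups()
    patch_rank = (ord(letter.lower()) - ord("a") + 1) if letter else 0
    return (int(major), int(minor), int(update or 0), patch_rank)


def is_affected(version: str) -> Optional[bool]:
    """True if `version` predates the fix on its train, False if it is at or
    past the fix, None if this advisory names no fix for that release line."""
    v = parse_version(version)
    train = v[:3]
    fixed = FIXED_VERSIONS.get(train)
    if fixed is not None:
        return v < parse_version(fixed)
    # No fix on this exact train: earlier trains of the same major.minor line
    # (e.g. 8.0 GA, 7.0U2) are "prior to" the fixed releases and thus affected.
    same_line = [t for t in FIXED_VERSIONS if t[:2] == train[:2]]
    if same_line and train[2] < max(t[2] for t in same_line):
        return True
    # A later train, or a major.minor not listed here, is outside this advisory.
    return None


if __name__ == "__main__":
    # Constructed sample inputs, not real inventory data.
    for sample in ("7.0U3q", "7.0U3r", "8.0U2c", "8.0U1", "8.0", "8.0U3", "6.7"):
        print(f"{sample:8} affected={is_affected(sample)}")
```

Run it against the version string reported by each vCenter appliance in inventory; a `True` result means the host still needs one of the updates listed in the recommendations, and a `None` result means the release line should be checked against the vendor's advisory directly rather than assumed safe.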