PT-2024-6262 · VMware · VMware vCenter Server (+1)
Srs (+1)
Published 2024-09-17 · Updated 2026-03-10 · CVE-2024-38812
CVSS v2.0: 10 (Critical)
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
- VMware vCenter Server versions 7.0 through 8.0
- VMware Cloud Foundation versions 7.0 through 8.0
Description
VMware vCenter Server contains a heap-overflow vulnerability in its implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server can trigger it by sending a specially crafted network packet, potentially leading to remote code execution. The vulnerability is tracked as CVE-2024-38812, has a CVSS (v3.1) score of 9.8, and is actively exploited. The initial patch released in September 2024 did not fully address the vulnerability, so a subsequent update was required. The vulnerability was also demonstrated during a hacking contest. Over 2,800 systems are exposed online.
Recommendations
- Apply the latest security updates for VMware vCenter Server version 7.0 Update 3t or later.
- Apply the latest security updates for VMware vCenter Server version 8.0 Update 2e or later.
- Apply the latest security updates for VMware Cloud Foundation version 7.0 Update 3t or later.
- Apply the latest security updates for VMware Cloud Foundation version 8.0 Update 2e or later.
Tags: Fix · RCE · Memory Corruption · Heap-Based Buffer Overflow
Related Identifiers
Affected Products
- VMware vCenter
- VMware vCenter Server