Multiple remote code execution in VMWare products.
Date of Publish: June 20,24
Severity:Critical
Affected Software:
- VMware vCenter Server
- VMware Cloud Foundation
Summary:
Multiple remote code execution vulnerabilities in VMware products which can allow attacket to take over the contrl of the affected systems.
Description:
The list of vulnerabilities is as follows -
- CVE-2024-37079 & CVE-2024-37080- Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could allow a,n attacker with network access to vCenter Server can do remote code execution by sending a specially crafted network packet
- CVE-2024-37081 - Multiple local privilege escalation vulnerabilities in VMware vCenter arising due to the misconfiguration of ("sudo") that an authenticated local user with non-administrative privileges could exploit to obtain root permissions.
Impacted CVE:
CVE-2024-37079
CVE-2024-37080
CVE-2024-37081
Solution:
https://core.vmware.com/resource/vmsa-2024-0012-questions-answers#introduction
Vendor reference:
https://core.vmware.com/resource/vmsa-2024-0012-questions-answers#introduction
Broadcom:
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453
NOTE : The information is provide is on “as is “ basis, without assurance of any kind