VMware fixes critical vulnerabilities in its products

VMware has disclosed critical vulnerabilities impacting its VMware vSphere and VMware Cloud Foundation products, urging customers to immediately install updates containing patches.

The vulnerabilities are memory management and memory corruption flaws, potentially leading to remote code execution.

The first set of vulnerabilities, tracked as CVE-2024-37079 and CVE-2024-37080, are multiple heap-overflow vulnerabilities in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger these vulnerabilities by sending a specially crafted network packet, potentially leading to remote code execution. These issues have been given a CVSS score of 9.8.


The next vulnerability, CVE-2024-37081, has a CVSS score of 7.8 and is a local privilege escalation vulnerability due to a misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit this issue to elevate privileges to root on vCenter Server Appliance.

VMware is not currently aware of exploitation of these vulnerabilities in the wild. It is recommended that customers take immediate action to address the issues.

Version 8.0 U2d is available for VMware’s vCenter Server. This version has fixes for CVE-2024-37079, CVE-2024-37080 and CVE-2024-37081.


Version 8.0 U1e is also available for vCenter Server 8.0. This release has patches for CVE-2024-37079 and CVE-2024-37080.

For customers using vCenter Server 7.0, version 7.0 U3r is available, which contains fixes for CVE-2024-37079, CVE-2024-37080 and CVE-2024-37081.
