
The US CISA has added VMware vulnerabilities to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation. TheCyberthrone has already released a detailed write-up about these vulnerabilities.
CVE-2024-38812
This vulnerability, with a CVSS score of 9.8 and classified as CWE-122, is a heap-based buffer overflow in the VMware vCenter Server implementation of the DCERPC protocol. It could allow an attacker with network access to the vCenter server to execute remote code by sending a specially crafted packet.
CVE-2024-38813
This vulnerability, with a CVSS score of 7.5 and classified as CWE-250 and CWE-273, is an improper check for dropped privileges in VMware vCenter. It could allow an attacker with network access to the vCenter server to escalate privileges to root by sending a specially crafted packet.
CISA has set 11th December 2024 as the deadline for federal agencies to remediate the vulnerabilities.


