VMware vCenter is vulnerable to two security vulnerabilities, tracked as CVE-2024-38812 & CVE-2024-38813. One vulnerability (CVE-2024-38812) has been given a critical severity rating that may allow an attacker to perform remote code execution. The second vulnerability (CVE-2024-38812) may result in privilege escalation.
VMware vCenter is an advanced server management software. The software has a centralized platform for controlling vSphere environments for visibility across hybrid clouds. The software protects the vCenter Server Appliance and related services with native high availability (HA) and a recovery time objective of less than 10 minutes.
VMware vCenter Server Heap-overflow Vulnerability (CVE-2024-38812)
The heap overflow vulnerability in the implementation of the DCERPC protocol has a critical severity rating with a CVSSv3 base score of 9.8. An attacker must have network access to the vCenter Server to exploit the vulnerability. An attacker may exploit this vulnerability by sending a specially crafted network packet, potentially leading to remote code execution.
VMware vCenter Privilege Escalation Vulnerability (CVE-2024-38813)
The privilege escalation vulnerability has an important severity rating with a CVSSv3 base score of 7.5. An attacker must have network access to the vCenter Server to exploit the vulnerability. An attacker may exploit this vulnerability by sending a specially crafted network packet to escalate privileges to root.
Affected Products
- VMware vCenter Server
- VMware Cloud Foundation
Affected Versions
- VMware vCenter Server Virtual Appliance 7.0 Update 3s before build 24201990
- VMware vCenter Server Virtual Appliance 8.0 Update 3b before build 24262322
Mitigation
- VMware vCenter Server 8.0 U3b
- VMware vCenter Server 7.0 U3s
For more information about the mitigation, please refer to Broadcom Security Advisory (VMSA-2024-0019).
Qualys Detection
Qualys customers can scan their devices with QID 216334 to detect vulnerable assets.
Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.