Alert!

Security updates: Root vulnerability threatens VMware vCenter Server

Among other things, two critical vulnerabilities threaten vCenter Server and Cloud Foundation from VMware.


Attackers can exploit three vulnerabilities in VMware vCenter Server and Cloud Foundation to execute malicious code, among other things. Patched versions are available for download.

To exploit the two "critical" vulnerabilities (CVE-2024-37079, CVE-2024-37080), an attacker needs network access, the developers explain in a warning message. If this is the case, they can trigger a memory error (heap overflow) by sending a specially crafted network packet. In such cases, attackers can usually get malicious code onto systems.

Attackers must already be authenticated to be able to exploit the third vulnerability (CVE-2024-37081, "high"). They should then be able to escalate their privileges to root. It is not yet clear how such an attack could take place.


The developers state that they have secured the following versions against these attacks:

  • Cloud Foundation 4.x KB88287
  • Cloud Foundation 5.x KB88287
  • vCenter Server 7.0 U3r
  • vCenter Server 8.0 U1e
  • vCenter Server 8.0 U2d

There are currently no reports of ongoing attacks. However, given the severity of the vulnerabilities, admins should not delay and should install the updates promptly.

(des)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.