VMware vCenter: Attackers from the network can infiltrate malicious code

Broadcom plugs several security holes in VMware vCenter. In the worst case, attackers can smuggle in and execute malicious code from the network.

Stylized graphic: Burning VMware logo on a laptop

Security gaps in VMware products put users at risk.

(Image: created with AI in Bing Designer by heise online / dmk)


Broadcom warns of security vulnerabilities in VMware vCenter Server. One of these is considered critical and allows attackers from the network to smuggle in malicious code. Another vulnerability allows malicious actors to escalate privileges in the system.

In a security announcement, Broadcom explains that a heap-based buffer overflow can occur in the implementation of the DCERPC protocol (Distributed Computing Environment / Remote Procedure Call). Attackers with network access to a VMware vCenter server can exploit the flaw by sending specially crafted network packets to vulnerable servers (CVE-2024-38812, CVSS 9.8, risk "critical"). The company examined whether any in-product workarounds could temporarily close the gap and found none. Only a software update helps.

Another vulnerability allows attackers with network access to a VMware vCenter server to send manipulated packets and elevate their privileges to root (CVE-2024-38813, CVSS 7.5, risk "high"). There are no workarounds for this one either.


VMware vCenter Server 8.0 and 7.0 as well as VMware Cloud Foundation 5.x and 4.x are affected. Broadcom is providing the corrected versions vCenter Server 8.0 U3b and 7.0 U3s, which close the gaps. For VMware Cloud Foundation, an "asynch patch" for these versions is intended to plug the security leaks; the developers have published their own instructions for applying it.
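As an added illustration (not part of the original article or of any Broadcom tooling), the following script triages an inventory of vCenter Server version strings against the fixed releases named above. It assumes VMware's "major.minor U<n><letter>" naming, that letter suffixes sort alphabetically (U3a before U3b), and that anything older on the same 8.0 or 7.0 line still carries the two CVEs; the hostnames and versions in the sample inventory are constructed.

```python
import re
from typing import Dict, Optional, Tuple

# Fixed releases named in the advisory (taken from the article). Anything older
# on the same 8.0 / 7.0 line is assumed to still carry CVE-2024-38812 / -38813.
FIXED_RELEASES = {"8.0": "8.0 U3b", "7.0": "7.0 U3s"}

# Matches "8.0", "8.0 U3" and "8.0 U3b" (assumed VMware naming convention).
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\s*U(\d+)([a-z])?)?\s*$", re.IGNORECASE)


def parse_version(text: str) -> Optional[Tuple[int, int, int, int]]:
    """Turn '8.0 U3b' into a sortable tuple (8, 0, 3, 2); '8.0' alone -> (8, 0, 0, 0).

    Letter suffixes map to 1, 2, ... so that a bare 'U3' (0) sorts before 'U3a'.
    Returns None for strings the regex does not recognise.
    """
    m = _VERSION_RE.match(text)
    if not m:
        return None
    major, minor, update, letter = m.groups()
    suffix = (ord(letter.lower()) - ord("a") + 1) if letter else 0
    return (int(major), int(minor), int(update or 0), suffix)


def patch_status(version: str) -> str:
    """Return 'patched', 'vulnerable' or 'unknown' for one vCenter version string."""
    parsed = parse_version(version)
    if parsed is None:
        return "unknown"
    fixed = FIXED_RELEASES.get(f"{parsed[0]}.{parsed[1]}")
    if fixed is None:
        return "unknown"  # product line not named in the advisory; check separately
    return "patched" if parsed >= parse_version(fixed) else "vulnerable"


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map each host in an inventory {host: version} to its patch status."""
    return {host: patch_status(ver) for host, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up.
    sample = {"vc-prod-01": "8.0 U3a", "vc-prod-02": "8.0 U3b",
              "vc-lab-01": "7.0 U3r", "vc-lab-02": "7.0 U3s", "vc-old-01": "6.7 U3"}
    for host, status in triage(sample).items():
        print(f"{host:<12} {sample[host]:<8} {status}")
```

Hosts reported as "unknown" are on a line the advisory does not mention or have an unparseable version string, and need a manual check rather than being treated as safe.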

Two weeks ago, Broadcom had to patch a security vulnerability in VMware Fusion. It allowed malicious actors to escalate their privileges and execute arbitrary code. With a CVSS score of 8.8, it only just missed being classified as a critical risk.

(dmk)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.