VMware vCenter Under Siege: Patch Now or Face the Wrath of Cyber Villains!

Broadcom warns of attackers exploiting VMware vCenter Server vulnerabilities, including a critical remote code execution flaw. Hackers are having a field day with these vulnerabilities, so if you’re too busy to update your systems, remember: hackers will always find time to crash your party. Apply those patches!

3P
Published: November 18, 2024 7:03 pmAdded: November 18, 2024 at 11:30 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like the hackers have been eagerly waiting in line for the latest vCenter patches like they’re the latest iPhone release. But instead of upgrades, they’re serving up exploits—proof that some tech enthusiasts are just in it for the hacks!

Key Points:

  • Two VMware vCenter Server vulnerabilities are being actively exploited: a remote code execution (RCE) flaw and a privilege escalation flaw.
  • The RCE vulnerability, CVE-2024-38812, stems from a heap overflow in the DCE/RPC protocol, affecting VMware vSphere and Cloud Foundation.
  • The privilege escalation flaw, CVE-2024-38813, allows attackers to gain root access using specially crafted network packets.
  • Broadcom released patches in September, but the original patch for CVE-2024-38812 was incomplete, necessitating a new update.
  • No workarounds exist; affected users must apply the latest patches to secure their systems.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?