Vulnerability Management, Threat Intelligence

Attackers set sights on pair of VMware vCenter Server flaws


Broadcom has disclosed intrusions exploiting a pair of vulnerabilities in VMware vCenter Server, according to BleepingComputer.

Both issues were discovered and reported by TZL security researchers during the Matrix Cup hacking competition in China. The more severe of the two is a critical remote code execution flaw, tracked as CVE-2024-38812, which stems from a heap overflow in vCenter's DCE/RPC protocol implementation, while the other is a privilege escalation bug, tracked as CVE-2024-38813, Broadcom said in an updated advisory.

The disclosure comes nearly a month after Broadcom urged the immediate adoption of new patches following persistent issues with the original fix for CVE-2024-38812.

VMware vCenter has been an attractive target for various threat operations. Broadcom has reported that another critical flaw, tracked as CVE-2023-34048, was leveraged as a zero-day by Chinese state-backed hacking group UNC3886 to facilitate VirtualPie and VirtualPita backdoor compromise since 2021.
