
VMware patching of identified vCenter RCE hits snag


Updates issued by VMware for its vCenter Server platform still do not fully address a critical remote code execution vulnerability, tracked as CVE-2024-38812, which was first identified and exploited at the Matrix Cup hacking competition in China in June, SecurityWeek reports.

The flaw, a heap overflow in the platform's Distributed Computing Environment / Remote Procedure Call (DCE/RPC) protocol implementation, could be leveraged by threat actors with network access to vCenter Server to achieve code execution by sending a specially crafted network packet, according to VMware, which did not provide further details on why the earlier fix was inadequate. VMware did, however, fully remediate a high-severity privilege escalation issue in vCenter Server, tracked as CVE-2024-38813, with the recent update. "A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet," said VMware.
