VMware Patches Critical Flaws in vCenter Server

VMware has addressed multiple critical vulnerabilities in its vCenter Server: heap overflows that could allow an unauthenticated attacker with network access to execute code remotely, and sudo misconfigurations that could allow a local user to escalate privileges to root.

The vCenter Server is a centralized management platform for virtualized environments developed by VMware.

The flaws include multiple heap-overflow vulnerabilities, tracked as CVE-2024-37079 and CVE-2024-37080, in the DCERPC protocol implementation.

"A malicious actor with network access to vCenter Server may trigger these vulnerabilities by sending a specially crafted network packet potentially leading to remote code execution," VMware says in its advisory.

These vulnerabilities have a maximum CVSSv3 base score of 9.8.

Customers are advised to install the released security patches, and there are no workarounds available.

The vulnerabilities were reported by Hao Zheng and Zibo Li from the TianGong Team of Legendsec at Qi'anxin Group.

VMware also addressed multiple local privilege escalation vulnerabilities, tracked as CVE-2024-37081, in the vCenter Server.

"The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo," according to the advisory. "An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance."

This issue has a maximum CVSSv3 base score of 7.8 and was reported by Matei "Mal" Badanoiu from Deloitte Romania.

VMware confirmed that it is not aware of any attacks in the wild exploiting these vulnerabilities.

The following table summarizes the impacted products, fixed versions, and the severity of the vulnerabilities (CVSSv3 scores are listed in the same order as the CVEs; CVE-2024-37081 is the 7.8 local privilege escalation, the two heap overflows are 9.8):

VMware Product   Version   CVEs                                             CVSSv3          Severity   Fixed Version   Workarounds   Additional Documentation
vCenter Server   8.0       CVE-2024-37079, CVE-2024-37080, CVE-2024-37081   9.8, 9.8, 7.8   Critical   8.0 U2d         None          FAQ
vCenter Server   8.0       CVE-2024-37079, CVE-2024-37080                   9.8, 9.8        Critical   8.0 U1e         None          FAQ
vCenter Server   7.0       CVE-2024-37079, CVE-2024-37080, CVE-2024-37081   9.8, 9.8, 7.8   Critical   7.0 U3r         None          FAQ
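As an added example (not part of the advisory and not VMware tooling), the following Python script parses vCenter versions in the "X.Y UNz" naming used in the table and reports whether a given installed version is at or past the fixed version for its update line. The fixed versions are the three listed above; the installed version strings are constructed inputs. The script does not map update names to appliance build numbers, because the page does not give that mapping, and it reports "check_advisory" for update lines or product versions the table does not cover rather than guessing.

```python
"""Check a vCenter Server version against the fixed versions on this page.

Added example, not VMware code. FIXED holds the fixed versions from the
advisory table above; the version strings fed to assess() are constructed
test inputs, not values read from a real appliance.
"""
import re
from dataclasses import dataclass

# Fixed version per (major.minor, update line), as listed in the table.
FIXED = {
    ("8.0", 2): "8.0 U2d",
    ("8.0", 1): "8.0 U1e",
    ("7.0", 3): "7.0 U3r",
}

# "8.0", "8.0 U2", "8.0 U2d" (update and patch letter are optional).
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\s*U(\d+)([a-z])?)?\s*$", re.IGNORECASE)


@dataclass(frozen=True, order=True)
class VcVersion:
    """Comparable form of 'X.Y UNz': update 0 means GA, patch 0 means no letter."""
    major: int
    minor: int
    update: int
    patch: int


def parse_version(text: str) -> VcVersion:
    """Parse 'X.Y UNz' into a VcVersion; patch letters map a=1, b=2, ..."""
    m = _VERSION_RE.match(text)
    if m is None:
        raise ValueError(f"unrecognised vCenter version string: {text!r}")
    major, minor, update, letter = m.groups()
    return VcVersion(
        major=int(major),
        minor=int(minor),
        update=int(update) if update else 0,
        patch=(ord(letter.lower()) - ord("a") + 1) if letter else 0,
    )


def assess(installed: str) -> str:
    """Classify an installed version against the table.

    Returns 'patched', 'vulnerable' (older than the fix on its update line),
    'upgrade_required' (affected release on an update line older than any
    fixed line) or 'check_advisory' (release or update line not in the table).
    """
    v = parse_version(installed)
    product = f"{v.major}.{v.minor}"
    lines = {u for (p, u) in FIXED if p == product}
    if not lines:
        return "check_advisory"  # product version not covered by the table
    if v.update in lines:
        fixed = parse_version(FIXED[(product, v.update)])
        # Same update line: only the patch letter decides (dataclass ordering
        # compares major, minor, update, patch in that order).
        return "patched" if v >= fixed else "vulnerable"
    if v.update > max(lines):
        return "check_advisory"  # newer update line than the table covers
    return "upgrade_required"  # e.g. 8.0 GA or 7.0 U2: no fix on this line


if __name__ == "__main__":
    # Constructed sample inputs, not values read from a real appliance.
    for sample in ["8.0 U2c", "8.0 U2d", "8.0 U1d", "8.0 U1e",
                   "7.0 U3q", "7.0 U3r", "8.0", "7.0 U2", "8.0 U3"]:
        print(f"{sample:8} -> {assess(sample)}")
```

Feed it the version string shown in the vSphere Client or the appliance's version output; anything that comes back "check_advisory" (a product line or update line the table does not list) should be resolved against VMware's advisory rather than assumed safe.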

This article will be updated if new information is available.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon. Pierluigi Paganini (SecurityAffairs - hacking, VMware)
