Advisory addresses three vulnerabilities that could result in privilege escalation or remote code execution

Threat ID:CC-4513

Threat Severity:Medium

Published:18 June 2024 3:27 PM

Summary

Affected platforms

The following platforms are known to be affected:

Versions: all prior to 8.0 U2d, 8.0 U1e, 7.0 U3r

VMware vCenter Server

Versions: all prior to KB88287

VMware Cloud Foundation

Threat details

Introduction

Broadcom has issued an advisory addressing three security vulnerabilities in VMware vCenter Server, the centralised management utility for virtual machines and hosts, and VMware Cloud Foundation, the private cloud platform.

Vulnerability details

CVE-2024-37079 is a heap-overflow vulnerability in VMware vCenter Server with a CVSSv3 score of 9.8. A malicious attacker with network access to vCenter Server could trigger this vulnerability by sending a specially crafted network packet, potentially leading to remote code execution.

CVE-2024-37080 is also a heap-overflow vulnerability in VMware vCenter Server with a CVSSv3 score of 9.8. A malicious attacker with network access to vCenter Server could trigger this vulnerability by sending a specially crafted network packet, potentially leading to remote code execution.

CVE-2024-37081 is a privilege escalation vulnerability in vCenter Server with a CVSSv3 score of 7.8. An authenticated local attacker with non-administrative privileges could exploit these issues to elevate privileges to root on vCenter Server Appliance.

Proof-of-concept exploit code has been published for CVE-2024-37081

Proof-of-concept exploit code for CVE-2024-37081 has been publicly released. Exploitation is considered more likely.

Threat updates


9 Jul 2024	Proof-of-concept released for exploitation of CVE-2024-37081

Remediation advice

Affected organisations are encouraged to review Broadcom's VMware advisory VMSA-2024-0012 and apply the relevant updates.

Definitive source of threat updates

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453

https://core.vmware.com/resource/vmsa-2024-0012-questions-answers

CVE Vulnerabilities

StatusPublished

CVE-2024-37079vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.

StatusPublished

CVE-2024-37080vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.

StatusPublished

CVE-2024-37081The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance.

Last edited: 9 July 2024 3:02 pm