DIVD-2024-00029 - VMware vCenter Server multiple heap-overflow vulnerabilities
Field | Value |
---|---|
Our reference | DIVD-2024-00029 |
Case lead | Oscar Vlugt |
Researcher(s) | |
CVE(s) | |
Products | |
Versions | |
Recommendation | Install the update as soon as possible |
Patch status | Available |
Workaround | None |
Status | Open |
Last modified | 02 Jul 2024 21:30 |
Summary
vCenter Server contains multiple heap-overflow vulnerabilities in its implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger these vulnerabilities by sending a specially crafted network packet, potentially leading to remote code execution.
Recommendations
To remediate CVE-2024-37079 and CVE-2024-37080, apply the updates listed in the ‘Fixed Version’ column of the ‘Response Matrix’ to affected deployments. The ‘Response Matrix’ can be found at the bottom of this post.
What we are doing
DIVD is currently working to identify parties that are running a vulnerable version of vCenter Server and to notify them. Where possible, we do this by checking the version numbers of the exposed installations.
Timeline
Date | Description |
---|---|
21 Jun 2024 | DIVD starts researching the vulnerability. |