Broadcom has released security patches to fix a critical remote code execution (RCE) vulnerability in VMware vCenter Server. The flaw, identified as CVE-2024-38812, can be exploited by unauthenticated attackers via a specially crafted network packet, allowing for low-complexity attacks that don’t require user interaction.
vCenter Server is the central management hub for VMware’s vSphere suite, helping administrators manage and monitor virtualized infrastructure. The vulnerability affects not only vCenter Server but also products containing it, including VMware vSphere and VMware Cloud Foundation.
Security patches are now available through the standard vCenter Server update mechanisms. To ensure full protection, install one of the updated versions listed in the VMware Security Advisory. While other mitigations may be available, each organization must evaluate its own security posture independently.
It’s worth noting that Broadcom has not found evidence of the vulnerability being exploited in attacks. However, as a precautionary measure, administrators who cannot immediately apply the updates should strictly control network perimeter access to vSphere management components and interfaces.
The company also patched a high-severity privilege escalation vulnerability (CVE-2024-38813) that can be exploited to gain root privileges on vulnerable servers via a specially crafted network packet. This is not the first time Broadcom has addressed RCE vulnerabilities in VMware vCenter Server, as it previously fixed similar issues in June and January.
Source: https://www.bleepingcomputer.com/news/security/broadcom-fixes-critical-rce-bug-in-vmware-vcenter-server/