Vulnerabilities

CVE-2024-37079, CVE-2024-37080, CVE-2024-37081: VMware vCenter Server and Cloud Foundation heap overflow and privilege escalation

This advisory is for organizations that use VMware vCenter Server or VMware Cloud Foundation. If your organization does not use either platform, this notification may be discarded.

Summary

VMware has released updated versions of VMware vCenter Server and VMware Cloud Foundation to address critical vulnerabilities: two heap overflows in the DCERPC protocol implementation that may allow an attacker with network access to achieve remote code execution, and a sudo misconfiguration that may allow an authenticated local user to escalate privileges to root.

CVE-2024-37079: CVSSv3.1: 9.8

A heap-overflow vulnerability in the DCERPC protocol implementation of vCenter Server that allows a malicious actor with network access to send specially crafted packets, potentially leading to remote code execution.

CVE-2024-37080: CVSSv3.1: 9.8

Another heap-overflow vulnerability in the DCERPC protocol implementation of vCenter Server. Similar to CVE-2024-37079, it allows an attacker with network access to trigger a heap overflow by sending crafted packets, potentially resulting in remote code execution.

CVE-2024-37081: CVSSv3.1: 7.8

This vulnerability arises from a misconfiguration of sudo in vCenter Server, permitting an authenticated local user to elevate their privileges to root on the vCenter Server Appliance.

Affected Platforms

VMware vCenter Server 8.0 U2 line: versions earlier than 8.0 U2d

VMware vCenter Server 8.0 U1 line: versions earlier than 8.0 U1e

VMware vCenter Server 7.0 line: versions earlier than 7.0 U3r

VMware Cloud Foundation 5.x (vCenter Server component): deployments without the patch described in KB88287

VMware Cloud Foundation 4.x (vCenter Server component): deployments without the patch described in KB88287

Mitigations

vCenter Server 8.0 U2 line -> update to 8.0 U2d

vCenter Server 8.0 U1 line -> update to 8.0 U1e

vCenter Server 7.0 line -> update to 7.0 U3r

Cloud Foundation 5.x and 4.x -> apply the patch described in KB88287
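The affected-version and mitigation lists above can be turned into a quick inventory check. The following Python is an added example written for this advisory, not a VMware tool or script: it parses vCenter Server version strings in the "major.minor Uxy" form used above and reports whether a version is at or past the fixed release for its update line. The fixed versions are taken from this advisory; the version-string format is an assumption about how your inventory records versions, and the Cloud Foundation KB88287 patch is not modelled because it is not expressed as a vCenter version. For a production check, confirm against the build numbers in the vendor's release notes rather than the display version alone.

```python
import re
from typing import Optional

# Fixed releases from the advisory, keyed by (major, minor, update number)
# and mapped to the patch letter that contains the fix. Constructed from
# the "Affected Platforms" list; this is not VMware's own data or tooling.
FIXED_PATCH_LETTER = {
    (8, 0, 2): "d",  # 8.0 U2d
    (8, 0, 1): "e",  # 8.0 U1e
    (7, 0, 3): "r",  # 7.0 U3r
}

# Assumed inventory format: "8.0 U2d", "8.0u2", "7.0 U3r", "8.0" (GA).
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\s*U(\d+)([a-z])?)?\s*$", re.IGNORECASE)


def parse_version(text: str) -> tuple[int, int, int, int]:
    """Parse '8.0 U2d' into (major, minor, update, patch_index).

    A GA release with no update ('8.0') is update 0. An update with no
    patch letter ('8.0 U2') has patch_index 0, 'a' is 1, 'b' is 2, and so
    on, so tuple comparison orders versions the same way the strings do.
    """
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised vCenter version string: {text!r}")
    major, minor = int(m.group(1)), int(m.group(2))
    update = int(m.group(3)) if m.group(3) else 0
    letter = (m.group(4) or "").lower()
    patch_index = ord(letter) - ord("a") + 1 if letter else 0
    return (major, minor, update, patch_index)


def is_patched(text: str) -> Optional[bool]:
    """True if the version contains the fix, False if the advisory lists it
    as affected, None if the advisory does not cover that release line."""
    major, minor, update, patch_index = parse_version(text)
    fixed_updates = [u for (ma, mi, u) in FIXED_PATCH_LETTER if (ma, mi) == (major, minor)]
    if not fixed_updates:
        return None  # e.g. 6.7: not covered by this advisory
    key = (major, minor, update)
    if key in FIXED_PATCH_LETTER:
        needed = ord(FIXED_PATCH_LETTER[key]) - ord("a") + 1
        return patch_index >= needed  # same update line: compare patch letters
    if update < min(fixed_updates):
        return False  # older update line, e.g. 8.0 GA or 7.0 U2: affected
    return None  # newer update line than the advisory lists: check vendor notes


if __name__ == "__main__":
    # Constructed sample inventory; replace with your own export.
    for host, version in [("vc-prod", "8.0 U2d"), ("vc-lab", "8.0 U1d"),
                          ("vc-legacy", "7.0 U2c"), ("vc-new", "8.0 U3")]:
        status = {True: "patched", False: "AFFECTED", None: "not covered"}[is_patched(version)]
        print(f"{host:10} {version:10} {status}")
```

The check deliberately returns None rather than guessing for update lines the advisory does not name (such as 8.0 U3), so that an inventory script fails closed and prompts a lookup instead of silently marking a host safe.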

Additional Resources

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453

https://core.vmware.com/resource/vmsa-2024-0012-questions-answers#next-expected-update

https://www.bleepingcomputer.com/news/security/vmware-fixes-critical-vcenter-rce-vulnerability-patch-now/