Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution


September 18, 2024 at 01:57AM

Broadcom released updates to fix a critical security flaw in VMware vCenter Server that could allow remote code execution. Two similar flaws were also addressed, as well as a privilege escalation flaw. The flaws were discovered during a cybersecurity competition in June 2024 and have been fixed in various versions. Customers are urged to update their installations to protect against potential threats.

Key takeaways from the notes on the virtualization and network security updates are as follows:

1. Critical security flaw impacting VMware vCenter Server was addressed by Broadcom, resolving a heap-overflow vulnerability in the DCE/RPC protocol, tracked as CVE-2024-38812 with a CVSS score of 9.8, potentially leading to remote code execution.

2. The fix also addressed a privilege escalation flaw in vCenter Server (CVE-2024-38813, CVSS score: 7.5) that could allow a malicious actor to escalate privileges to root by sending a specially crafted network packet.

3. The vulnerabilities were discovered and reported by security researchers zbl and srs of team TZL during the Matrix Cup cybersecurity competition held in China back in June 2024.

4. The vulnerabilities have been fixed in vCenter Server 8.0 (Fixed in 8.0 U3b), vCenter Server 7.0 (Fixed in 7.0 U3s), VMware Cloud Foundation 5.x (Fixed in 8.0 U3b as an asynchronous patch), and VMware Cloud Foundation 4.x (Fixed in 7.0 U3s as an asynchronous patch).

5. Broadcom has urged customers to update their installations to the latest versions to safeguard against potential threats.

6. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint advisory urging organizations to address cross-site scripting (XSS) flaws to mitigate potential security risks.

