Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble

November 18, 2024 at 05:38PM

Two VMware vCenter vulnerabilities, CVE-2024-38812 and CVE-2024-38813, have been actively exploited after Broadcom’s patch attempts. CVE-2024-38812 allows remote code execution, while CVE-2024-38813 permits privilege escalation. These flaws affect multiple vCenter and VMware Cloud Foundation versions, making them critical targets for cybercriminals.

**Key Takeaways:**

1. **Vulnerabilities Identified**: Two critical vulnerabilities in VMware vCenter Server, CVE-2024-38812 and CVE-2024-38813, have been confirmed to be exploited in the wild.

2. **Initial and Subsequent Patches**: Broadcom initially patched these vulnerabilities on September 17 but later issued an update in October after realizing the original patches did not completely address the flaws.

3. **Current Exploitation Status**: As of a recent alert from Broadcom, exploitation of these vulnerabilities is confirmed to be occurring in real-world scenarios.

4. **Severity Ratings**:
– **CVE-2024-38812**: Critical heap-overflow vulnerability, CVSS score of 9.8. Exploitable by an attacker with network access who sends a specially crafted packet, potentially allowing remote code execution.
– **CVE-2024-38813**: High-severity privilege escalation vulnerability, CVSS score of 7.5. Allows an attacker with network access to escalate their privileges to root.

5. **Affected Versions**: The vulnerabilities affect versions 7 and 8 of vCenter Server and versions 4 and 5 of VMware Cloud Foundation.

6. **Need for Urgent Attention**: Given the nature of the vulnerabilities and previous targeting of VMware by malicious actors, urgent remediation is advised for organizations using affected systems.

7. **Pending Information from Broadcom**: The Register has reached out to Broadcom for more information about the extent of the attacks and details on the attackers, but no response has been received yet.
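The "patch fumble" in takeaway 2 has a practical consequence for defenders: a host that received the 17 September fix but not the October re-release is still exposed. The following script is an added example, not code from The Register or Broadcom. It triages a constructed vCenter / VMware Cloud Foundation inventory using only the facts in the summary (affected major versions 7 and 8 of vCenter Server, 4 and 5 of Cloud Foundation, the 17 September initial patch). The October re-release date is not given in the summary, so `REPATCH_RELEASE_DATE` is a placeholder to be set from the Broadcom advisory; host names, versions and patch dates are constructed.

```python
"""
Patch-status triage for the vCenter / VMware Cloud Foundation advisory above.

Added example (not the article's or Broadcom's code). It distinguishes hosts
that were never patched from hosts that only got the incomplete September fix.
"""
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional

# Major versions the summary names as affected (per product).
AFFECTED_MAJORS = {
    "vCenter Server": {7, 8},
    "VMware Cloud Foundation": {4, 5},
}

INITIAL_PATCH_DATE = date(2024, 9, 17)   # first fix, later found incomplete
# PLACEHOLDER: the October re-release date is not in the summary; take it
# from the vendor advisory before using this for real inventory.
REPATCH_RELEASE_DATE = date(2024, 10, 1)


@dataclass
class Host:
    name: str
    product: str
    version: str                   # e.g. "8.0.2"
    last_patched: Optional[date]   # None = no patch ever applied


def major_version(version: str) -> int:
    """Extract the leading major version number from a dotted version string."""
    return int(version.split(".")[0])


def triage(host: Host) -> str:
    """Classify a host as out_of_scope, unpatched, partial_patch or patched.

    'out_of_scope' only means the summary does not list this product/version;
    it is not a statement that the host is safe.
    """
    majors = AFFECTED_MAJORS.get(host.product)
    if majors is None or major_version(host.version) not in majors:
        return "out_of_scope"
    if host.last_patched is None or host.last_patched < INITIAL_PATCH_DATE:
        return "unpatched"
    if host.last_patched < REPATCH_RELEASE_DATE:
        # Received the September fix only: the incomplete patch, still exposed.
        return "partial_patch"
    return "patched"


def triage_inventory(hosts: List[Host]) -> Dict[str, str]:
    """Map each host name to its triage status."""
    return {h.name: triage(h) for h in hosts}


# Constructed sample inventory (names, versions and dates are made up).
SAMPLE_HOSTS = [
    Host("vc-prod-01", "vCenter Server", "8.0.2", date(2024, 9, 20)),
    Host("vc-prod-02", "vCenter Server", "7.0.3", None),
    Host("vcf-01", "VMware Cloud Foundation", "5.1.0", date(2024, 10, 25)),
    Host("vc-lab", "Other", "1.0.0", date(2024, 9, 20)),
]

if __name__ == "__main__":
    for name, status in triage_inventory(SAMPLE_HOSTS).items():
        print(f"{name}: {status}")
```

Patch dates are a coarse proxy; in practice the authoritative check is the fixed build number published in the Broadcom advisory, which this summary does not list, so the date comparison above should be replaced with a build-number comparison once that value is known.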

Collectively, these notes indicate a critical situation requiring immediate action from organizations using VMware products to mitigate the vulnerabilities.
