November 18, 2024 at 02:00PM Broadcom has warned that two VMware vCenter Server vulnerabilities, CVE-2024-38812 (a critical remote code execution flaw) and CVE-2024-38813 (a privilege escalation flaw), are being actively exploited. Customers are urged to apply new security updates to mitigate risks, as no workarounds are available for these vulnerabilities. ### Meeting Takeaways 1. **Active … Read more
November 18, 2024 at 01:31PM VMware’s critical CVE-2024-38812 vulnerability in vCenter Server has been exploited in the wild, prompting urgent updates from the company. Initially reported at a Chinese hacking contest, the flaw allows remote code execution. Past patches failed to fully resolve the issue, emphasizing the need for customers to apply fixes urgently. Here … Read more
October 22, 2024 at 10:13AM VMware has issued a critical security update for CVE-2024-38812, a remote code execution vulnerability in vCenter Server that was inadequately addressed in September 2024. Users must apply the new patches for vCenter 7.0.3, 8.0.2, and 8.0.3 urgently, as no effective workarounds exist. ### Meeting Notes Takeaways: 1. **Security Update Release**: … Read more
October 22, 2024 at 03:18AM VMware has released updates for a critical security flaw (CVE-2024-38812) in vCenter Server, related to heap overflow vulnerabilities, allowing potential remote code execution. The flaw was previously patched inadequately. Users are urged to update to the latest versions to mitigate risks, although there’s currently no evidence of exploitation. **Meeting Takeaways … Read more
September 18, 2024 at 01:57AM Broadcom released updates to fix a critical security flaw in VMware vCenter Server, allowing possible remote code execution. Two similar flaws were also addressed, as well as a privilege escalation flaw. The flaws were discovered during a cybersecurity competition in June 2024 and have been fixed in various versions. Customers … Read more
September 17, 2024 at 03:21PM VMware, owned by Broadcom, released critical-severity patches for two vulnerabilities in its vCenter Server. One vulnerability, CVE-2024-38812, poses a major risk of remote code execution, while the other, CVE-2024-38813, is a privilege escalation vulnerability. The flaws impact vCenter Server and Cloud Foundation versions, and patches are the only known solution. … Read more