VMware patches over remote make-me-root holes in vCenter Server, Cloud Foundation

September 17, 2024 at 05:00PM Broadcom has released two patches addressing critical vulnerabilities in VMware vCenter Server and Cloud Foundation. CVE-2024-38812 is a heap overflow flaw with a CVSS score of 9.8, enabling remote code execution. CVE-2024-38813 allows for privilege escalation and has a CVSS score of 7.5. Both vulnerabilities were discovered during a cyber … Read more

Critical VMware Bugs Open Swaths of VMs to RCE, Data Theft

June 18, 2024 at 04:34PM Broadcom releases fixes for three vulnerabilities in VMware vCenter, with two critical vulnerabilities allowing remote code execution. The vulnerabilities could allow attackers to execute code on managed VMs. In addition, there are patch updates for local privilege escalation vulnerabilities. VMware, with a large customer base, faces increased risk due to … Read more