VMWare vCenter Server CVE-2024-38812 DCERPC Vulnerability


CVE-2024-38812 is a critical heap-overflow vulnerability identified in VMware vCenter Server’s implementation of the DCERPC (Distributed Computing Environment/Remote Procedure Call) protocol. This flaw allows a malicious actor with network access to the vCenter Server to send specially crafted packets, potentially leading to remote code execution (RCE).

The vulnerability, classified under CWE-122 (Heap-based Buffer Overflow), arises when memory allocated in the heap is improperly overwritten, leading to unpredictable behavior that could be exploited. Published in September 2024, CVE-2024-38812 carries a CVSS score of 9.8, highlighting its severity and high risk of exploitation. VMware vCenter Server version 8.0U3a is vulnerable, while version 8.0U3b contains the necessary patches to mitigate this issue.

Read more…
Source: Sonicwall


Sign up for our Newsletter


Related:

  • Critical RCE Vulnerability Found in Cisco WebEx Extensions, Again — Patch Now!

    July 17, 2017

    A highly critical vulnerability has been discovered in the Cisco Systems’ WebEx browser extension for Chrome and Firefox, for the second time in this year, which could allow attackers to remotely execute malicious code on a victim’s computer. Cisco WebEx is a popular communication tool for online events, including meetings, webinars and video conferences that help ...

  • Siemens Patches Authentication Bypass Flaw in SiPass Server

    July 14, 2017

    A handful of vulnerabilities in Siemens’ SiPass integrated server have been patched, including one that allows an attacker to bypass authentication on the box. SiPass is the company’s integrated access control server managing physical access in a number of industries and use cases. The product supports card readers and integrates with video surveillance equipment, among other ...

  • Hackers are using this new attack method to target power companies

    July 10, 2017

    Phishing emails, used to steal credentials from critical infrastructure firms, can silently harvest data without even using macros, researchers have warned. Hackers are targeting energy companies, including those working in nuclear power and other critical infrastructures providers, with a technique that puts a new spin on a tried-and-tested form of cyberattack. Phishing has long been a successful ...

  • Intel AMT bug bit Siemens industrial PCs

    July 3, 2017

    You don’t need state-sponsored hackers to crack industrial control systems, just an empty Intel AMT login – something Siemens started patching against last week. The bug in Intel’s Active Management Technology emerged in June. It allowed a user to exploit AMT features with an empty login string, and has been shipping in processors since 2010. In Siemens’s ...

  • Wikileaks Reveals CIA Malware that Hacks & Spy On Linux Computers

    June 30, 2017

    WikiLeaks has just published a new batch of the ongoing Vault 7 leak, this time detailing an alleged CIA project that allowed the agency to hack and remotely spy on computers running the Linux operating systems. Dubbed OutlawCountry, the project allows the CIA hackers to redirect all outbound network traffic on the targeted computer to CIA ...

  • Your Linux Machine Can Be Hacked Remotely With Just A Malicious DNS Response

    June 28, 2017

    A critical vulnerability has been discovered in Systemd, the popular init system and service manager for Linux operating systems, that could allow remote attackers to potentially trigger a buffer overflow to execute malicious code on the targeted machines via a DNS response. The vulnerability, designated as CVE-2017-9445, actually resides in the ‘dns_packet_new‘ function of ‘systemd-resolved,’ a ...