VMWare vCenter Server CVE-2024-38812 DCERPC Vulnerability


CVE-2024-38812 is a critical heap-overflow vulnerability identified in VMware vCenter Server’s implementation of the DCERPC (Distributed Computing Environment/Remote Procedure Call) protocol. This flaw allows a malicious actor with network access to the vCenter Server to send specially crafted packets, potentially leading to remote code execution (RCE).

The vulnerability, classified under CWE-122 (Heap-based Buffer Overflow), arises when memory allocated in the heap is improperly overwritten, leading to unpredictable behavior that could be exploited. Published in September 2024, CVE-2024-38812 carries a CVSS score of 9.8, highlighting its severity and high risk of exploitation. VMware vCenter Server version 8.0U3a is vulnerable, while version 8.0U3b contains the necessary patches to mitigate this issue.

Read more…
Source: Sonicwall


Sign up for our Newsletter


Related:

  • Your Linux Machine Can Be Hacked Remotely With Just A Malicious DNS Response

    June 28, 2017

    A critical vulnerability has been discovered in Systemd, the popular init system and service manager for Linux operating systems, that could allow remote attackers to potentially trigger a buffer overflow to execute malicious code on the targeted machines via a DNS response. The vulnerability, designated as CVE-2017-9445, actually resides in the ‘dns_packet_new‘ function of ‘systemd-resolved,’ a ...

  • Siemens Patches Vulnerabilities in SIMATIC CP, XHQ

    June 23, 2017

    Siemens patched two vulnerabilities in products commonly found in industrial control system setups this week. If exploited the flaws could allow an attacker to perform administrative actions or gain read access to sensitive data on affected systems. Siemens patched one issue (.PDF) on Tuesday and the other on Thursday (.PDF) this week. ICS-CERT, the Department of ...

  • Virgin Media tells 800,000 users to change passwords over hub hacking risk

    June 23, 2017

    Virgin Media is advising more than 800,000 customers with a specific router to change their password immediately after an investigation found hackers could gain access to it. Virgin Media said the risk to customers with a Super Hub 2 router was small, but advised them to change both their network and router passwords if they were ...

  • Microsoft Issues Updates for 96 Vulnerabilities You Need to Patch this Month

    June 14, 2017

    As part of June’s Patch Tuesday, Microsoft has released security patches for a total of 96 security vulnerabilities across its products, including fixes for two vulnerabilities being actively exploited in the wild. This month’s patch release also includes emergency patches for unsupported versions of Windows platform the company no longer officially supports to fix three Windows ...

  • Hackers Started Using “SambaCry Flaw” to Hack Linux Systems

    June 10, 2017

    Two weeks ago we reported about a 7-year-old critical remote code execution vulnerability in Samba networking software (re-implementation of SMB networking protocol) that allows a remote hacker to take full control of a vulnerable Linux and Unix machines. To know more about the SambaCry vulnerability (CVE-2017-7494) and how it works, you can read our previous article. At ...

  • Group Behind NSA Dump That Led to WannaCry Opens 0-Day Exploit Subscription

    May 30, 2017

    Infamous hacking group Shadow Brokers has promised to release more zero-day exploits, such as the one that has made life a misery for some 300,000 people across the world via WannaCry. Now, the group isn’t just after wreaking havoc, but also after making some money, since the releases will be made for a special club ...