By LBT Technology Group, LLC. on Wednesday, 30 October 2024
Category: Security

VMware critical vulnerability

Threat update

VMware has recently released software updates to address a security flaw in vCenter Server that was previously believed to have been patched. The vulnerability, tracked as CVE-2024-38812 with a CVSS score of 9.8, is a heap-overflow vulnerability. Continue reading this Cybersecurity Threat Advisory to mitigate your risk.

Technical Detail and Additional Info

What is the threat?

By sending specially crafted network packets, threat actors with network access to vCenter Server can exploit this vulnerability to achieve remote code execution (RCE). It was also confirmed that the previous vCenter patch failed to properly address this vulnerability.

Why is it noteworthy?

This vulnerability allows threat actors to gain significant control over systems by executing remote code, posing a serious security risk. Additionally, the fact that the previous patch failed to fully address the issue raises concerns about the effectiveness of security measures and the potential for exploitation by malicious actors.

What is the exposure or risk?

CVE-2024-38812 affects VMware vCenter Server 7.0 and 8.0, as well as VMware Cloud Foundation 4.x and 5.x. It does not affect the latest updates for these products, vCenter 7.0 U3s and 8.0 U3b. Deployments that are not on those updated versions are exposed to attackers with network access to vCenter Server, who can escalate privileges to root by sending crafted network packets.
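The practical question for a defender is which vCenter appliances in inventory are still below the fixed releases named above (7.0 U3s and 8.0 U3b). The script below is an added example, not part of LBT's advisory or VMware's tooling: it parses vCenter version strings of the form "major.minor Uupdate[letter]" (the assumption being that VMware's update numbering orders U3a before U3b and so on), compares each against the fixed release for its major line, and lists the hosts that need patching. The inventory lines are constructed sample data; Cloud Foundation is left out because the advisory gives no fixed build for it.

```python
import re
from typing import List, NamedTuple, Optional

# Fixed vCenter releases as stated in the advisory: major line -> (update number, letter).
FIXED_VCENTER = {7: (3, "s"), 8: (3, "b")}


class VcVersion(NamedTuple):
    major: int
    minor: int
    update: int   # 0 when the string carries no "U<n>" part
    letter: str   # "" when the update has no letter suffix


# Assumed string format, e.g. "7.0 U3s", "8.0 U3b", "8.0" (case-insensitive).
VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\s*U(\d+)([a-z]?))?$", re.IGNORECASE)


def parse_version(text: str) -> VcVersion:
    """Split a vCenter version string into comparable numeric/letter parts."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised vCenter version string: {text!r}")
    major, minor, update, letter = m.groups()
    return VcVersion(int(major), int(minor), int(update or 0), (letter or "").lower())


def is_patched_for_cve_2024_38812(version: str) -> Optional[bool]:
    """True if at/after the fixed release, False if below it,
    None if the major line is not covered by this advisory (check with the vendor)."""
    v = parse_version(version)
    if v.major not in FIXED_VCENTER:
        return None
    # Tuple comparison: a higher update number wins; same update, later letter wins.
    # An update with no letter (e.g. "U4") sorts above any lettered lower update.
    return (v.update, v.letter) >= FIXED_VCENTER[v.major]


# Constructed inventory for the example: "hostname,version" per line.
CONSTRUCTED_INVENTORY = """\
vcsa-prod-01,8.0 U3a
vcsa-prod-02,8.0 U3b
vcsa-lab-01,7.0 U3r
vcsa-lab-02,7.0 U3s
vcsa-old-01,6.7 U3
"""


def hosts_needing_patch(inventory_csv: str) -> List[str]:
    """Return hostnames whose vCenter version is below the fixed release."""
    needing = []
    for line in inventory_csv.splitlines():
        if not line.strip():
            continue
        host, version = line.split(",", 1)
        if is_patched_for_cve_2024_38812(version) is False:
            needing.append(host.strip())
    return needing


def uncovered_hosts(inventory_csv: str) -> List[str]:
    """Return hostnames on a major line the advisory does not cover."""
    out = []
    for line in inventory_csv.splitlines():
        if not line.strip():
            continue
        host, version = line.split(",", 1)
        if is_patched_for_cve_2024_38812(version) is None:
            out.append(host.strip())
    return out


if __name__ == "__main__":
    print("Needs CVE-2024-38812 patch:", hosts_needing_patch(CONSTRUCTED_INVENTORY))
    print("Not covered by advisory:", uncovered_hosts(CONSTRUCTED_INVENTORY))
```

Feed it the version column exported from your vCenter inventory; hosts returned as "not covered" (such as a 6.x appliance) fall outside this advisory and should be checked against VMware's own guidance rather than assumed safe.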

What are the recommendations?

LBT Technology Group recommends the following actions to mitigate the effects caused by CVE-2024-38812:

References

For more in-depth information about the recommendations, please visit the following links:


If you have any questions, please contact LBT's Sales Engineer.