CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2024-38812

CVSS 9.8v3.1pub. 2024-09-17upd. 2025-10-31

The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • VMware Cloud Foundation

    APP
    Vmware
    4.0 – 5.2 (bez)
  • VMware Vcenter Server

    APP
    Vmware
    7.08.0

CISA KEV — detailsi

Vendori
VMware
Producti
vCenter Server
Added to KEVi
November 20, 2024
Remediation deadline (US Federal)i
December 11, 2024(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

VMware vCenter Server contains a heap-based buffer overflow vulnerability in the implementation of the DCERPC protocol. This vulnerability could allow an attacker with network access to the vCenter Server to execute remote code by sending a specially crafted packet.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 11 grudnia 2024
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2025-22224CRITICAL9.3⚠ KEVPL ✓ten sam produkt

VMware ESXi/Workstation: TOCTOU umożliwia ucieczkę z VM przez VMX process

CVE-2024-37079CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Heap overflow w VMware vCenter Server via protokół DCERPC — RCE

CVE-2023-34048CRITICAL9.8⚠ KEVten sam produkt

vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A m...

CVE-2022-22954CRITICAL9.8⚠ KEVten sam produkt

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-s...

CVE-2021-22005CRITICAL9.8⚠ KEVten sam produkt

The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor...