VMWare Products Multiple Vulnerabilities

Last Update Date: 19 Nov 2024 Release Date: 19 Sep 2024 3784 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Operating Systems - VM Ware

TYPE: VM Ware

Multiple vulnerabilities were identified in VMware products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege and remote code execution on the targeted system.

 

[Updated on 2024-11-19]

Updated Description and Risk level changed to extremely high.

Note: CVE-2024-38812 and CVE-2024-38813 are actively exploited in the wild. 

A malicious actor with network access to vCenter Server may trigger CVE-2024-38813 to escalate privileges to root by sending a specially crafted network packet.

A malicious actor with network access to vCenter Server may trigger CVE-2024-38812 by sending a specially crafted network packet potentially leading to remote code execution.

Impact

  • Remote Code Execution
  • Elevation of Privilege

System / Technologies affected

  • VMware  vCenter Server 7.0
  • VMware  vCenter Server 8.0
  • VMware Cloud Foundation 4.x
  • VMware Cloud Foundation 5.x

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Vulnerability Identifier

Source

Related Link

Related Tags

VMwareRemote Code ExecutionElevation of PrivilegeExploit In The Wild

Share with

Previous

Ruckus Products Remote Code Execution Vulnerability

18 Nov 2024 1282 Views

Next

Palo Alto PAN-OS Multiple vulnerabilities

19 Nov 2024 1055 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY