CISA Flags Actively Exploited VMware vCenter RCE Flaw in KEV Catalog


CISA has added CVE-2024-37079, a critical heap-overflow remote code execution (RCE) vulnerability in VMware vCenter Server, to its Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation in the wild. Organizations running vulnerable vCenter Server and VMware Cloud Foundation versions are urged to apply the patches from VMware advisory VMSA-2024-0012 immediately: the flaw allows unauthenticated remote code execution and subsequent lateral movement, and there is no in-product workaround.

Key points

  • CISA added CVE-2024-37079 to the KEV catalog citing active exploitation.
  • CVE-2024-37079 is a heap overflow in the DCE/RPC implementation with a CVSS score of 9.8.
  • The flaw permits unauthenticated remote code execution against VMware vCenter Server and VMware Cloud Foundation components.
  • Exploitation can give attackers a foothold on the vCenter management plane and enable lateral movement to ESXi hypervisors.
  • VMware released advisory VMSA-2024-0012 with fixes; affected systems should be patched immediately as no viable workarounds exist.

Read More: https://thecyberexpress.com/vmware-vcenter-cve-2024-37079-exploited/