A critical out-of-bounds write in VMware vCenter Server's DCERPC implementation (CVE-2024-37079) allows remote code execution and carries a 9.8 CVSS rating. Broadcom and CISA warn the flaw is being exploited in the wild despite a patch released over a year ago, and CISA has added it to its KEV catalog, requiring federal remediation by February 13. #CVE-2024-37079 #vCenterServer
Keypoints
- CVE-2024-37079 is an out-of-bounds write in vCenter Server's DCERPC protocol with a 9.8 severity score.
- Attackers with network access can send crafted packets to achieve remote code execution on vCenter Server.
- Broadcom reported evidence of in-the-wild exploitation despite issuing a patch more than a year ago.
- CISA added the vulnerability to its Known Exploited Vulnerabilities catalog, mandating federal patching by February 13.
- Virtualization infrastructure like vCenter is a high-value target for groups such as Fire Ant, Warp Panda, and UNC3886 and should never be exposed to the public internet.
Read More: https://www.theregister.com/2026/01/23/critical_vmware_vcenter_server_bug/