Broadcom is warning two vulnerabilities plaguing its VMware vCenter Server product are being exploited in the wild by hackers.
Patches are available, and users are urged to apply them immediately, since there is no workaround. Furthermore, the vulnerabilities can be used to cause quite the damage to compromised networks.
In mid-September 2024, VMware released a security advisory, claiming to have patched two flaws in vCenter Server that could have granted threat actors remote code execution (RCE) abilities.
These flaws were tracked as CVE-2024-38812 and CVE-2024-38813.
The former affects vCenter 7.0.3, 8.9.2, and 8.0.3, as well as all versions of vSphere or VMware Cloud Foundation prior to the ones listed above. It was given a severity score of 9.8 (critical) since it can be exploited without user interaction, and since it grants RCE capabilities to a threat actor sending a custom-built network packet. The latter, on the other hand, is a 7.5-severity flaw, granting root privilege escalation.
Both vulnerabilities were first discovered by Team TZL at Tsinghua University, during the Matrix Cup Cyber Security Competition, held in China earlier this year.
However, it was soon announced that the patches did not properly work, since Broadcom issued a second patch in late October 2024. At that time, despite the bug being present for months, and having been patched twice, there was still no evidence of abuse in the wild.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
However, that time has now come.
“Updated advisory to note that VMware by Broadcom confirmed that exploitation has occurred in the wild for CVE-2024-38812 and CVE-2024-38813,” Broadcom said earlier this week.
Unfortunately, at this time, we don’t know who is abusing these vulnerabilities, or against whom. However, BleepingComputer reminds that threat actors, including ransomware gangs and state-sponsored threat actors, often target VMware vCenter bugs.
Via BleepingComputer
https://wol.com/a-major-vmware-vcenter-server-security-bug-is-now-being-exploited-so-patch-now/
What's your reaction?
You may also like
-
![Hong Kong’s premier ink art event UOB Art in Ink Festival returns this December, fostering art inclusivity]()
Hong Kong’s premier ink art event UOB Art in Ink Festival returns this December, fostering art inclusivity
-
![Anglo-Chinese School Students Crowned as the Grand Winner of the Samsung Solve for Tomorrow 2024 Competition]()
Anglo-Chinese School Students Crowned as the Grand Winner of the Samsung Solve for Tomorrow 2024 Competition
-
![“CBS Evening News” headlines for Wednesday, Nov. 20, 2024]()
“CBS Evening News” headlines for Wednesday, Nov. 20, 2024
-
![Man convicted of murder in slaying of Laken Riley]()
Man convicted of murder in slaying of Laken Riley
-
![OPPO Find X8 and Find X8 Pro Launches Globally with Ultra-Grade Hasselblad Cameras, Next-Gen Performance and ColorOS 15]()
OPPO Find X8 and Find X8 Pro Launches Globally with Ultra-Grade Hasselblad Cameras, Next-Gen Performance and ColorOS 15
-
![House committee fails to reach agreement on whether to release Matt Gaetz report]()
House committee fails to reach agreement on whether to release Matt Gaetz report
Comments
0 comment