Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. VMware failed to fully address a remote code execution flaw, tracked as CVE-2024-38812 (CVSS score: 9.8), in its vCenter Server platform. In September, Broadcom released security updates to the vulnerability CVE-2024-38812. vCenter Server is a […]

VMware Fusion Pwn2Own Berlin 2025

VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months.

VMware failed to fully address a remote code execution flaw, tracked as CVE-2024-38812 (CVSS score: 9.8), in its vCenter Server platform.

In September, Broadcom released security updates to the vulnerability CVE-2024-38812.

vCenter Server is a critical component in VMware virtualization and cloud computing software suite. It serves as a centralized and comprehensive management platform for VMware’s virtualized data centers.

The vulnerability is a heap-overflow vulnerability that resides in the implementation of the DCERPC protocol.

“A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.” reads the advisory.

During the 2024 Matrix Cup hacking contest in China, zbl & srs of team TZL demonstrated the vulnerability.

Now the company has updated its initial advisory confirming the September patches did not fully address the flaw.

“VMware by Broadcom has determined that the vCenter patches released on September 17, 2024 did not completely address CVE-2024-38812.” reads the updated advisory. “The patches listed in the Response Matrix below are updated versions that contain additional fixes to fully address CVE-2024-38812.”

Chinese law requires researchers to disclose zero-day vulnerabilities to the government. Experts speculate that the Chinese government was aware of the flaw and may have exploited it as a zero-day.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, vCenter Server)