High Threat Security Alert (A24-09-16): Multiple Vulnerabilities in VMware Products


 

Published on: 19 September 2024

  
  

Description:

VMware has published a security advisory to address multiple vulnerabilities in VMware products. The details of patches can be found at:
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968

Reports indicate that multiple vulnerabilities (CVE-2024-38812 and CVE-2024-38813) in VMware vCenter Server and Cloud Foundation are at high risk of exploitation. System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

 

Affected Systems:

  • VMware vCenter Server
  • VMware Cloud Foundation

 

Impact:

Depending on the vulnerabilities being exploited, a successful exploitation could lead to remote code execution or privilege escalation on the affected system.

 

Recommendation:

Patches for affected systems are available. System administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968
  • https://www.hkcert.org/security-bulletin/vmware-products-multiple-vulnerabilities_20240919
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38812 (to CVE-2024-38813)


Tag: VMware , vCenter , VMware Cloud Foundation
Tags