Notification of Multiple High-Risk Vulnerabilities (CVE-2024-37079, CVE-2024-37080, CVE-2024-37081) in VMware vCenter Server

Notification of Multiple High-Risk Vulnerabilities (CVE-2024-37079, CVE-2024-37080, CVE-2024-37081) in VMware vCenter Server



NSFOCUS CERT recently discovered high-risk vulnerabilities in VMware vCenter Server and released a security advisory regarding a heap overflow vulnerability and a privilege escalation vulnerability. These vulnerabilities could allow remote attackers to execute arbitrary code and grant root privileges to low-privileged accounts. The affected versions include VMware vCenter Server 8.0, 7.0, VMware Cloud Foundation (vCenter Server) 5, and 4, while the unaffected versions have been listed as well. It is recommended to update to the latest version to address these vulnerabilities. NSFOCUS, a cybersecurity pioneer, is dedicated to protecting organizations from sophisticated cyberattacks and offers a range of security solutions to mitigate risks. The full details of the vulnerabilities and mitigation steps can be found in the security advisory released by VMware.

Article Source
https://securityboulevard.com/2024/06/multiple-high-risk-vulnerabilities-cve-2024-37079-cve-2024-37080-cve-2024-37081-in-VMware-vcenter-server-notification/amp/