U.S. CISA adds a flaw in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog

Pierluigi Paganini
January 24, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Broadcom VMware vCenter to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Broadcom VMware vCenter Server vulnerability, tracked as CVE-2024-37079 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog.

vCenter Server is a centralized management platform developed by VMware for managing virtualized environments.

In June 2024, VMware addressed vCenter Server vulnerabilities, tracked as CVE-2024-37079 and CVE-2024-37080, that remote attackers can exploit to achieve remote code execution or privilege escalation.

The flaws are heap-overflow issues in the implementation of the DCERPC protocol. An…