The Cybersecurity and Infrastructure Security Agency (CISA) on Jan. 23 added a critical VMware vCenter Server remote code execution (RCE) flaw exploited in the wild to its Known Exploited Vulnerabilities (KEV) catalog.

Originally patched in 2024, the 9.8-severity bug, CVE-2024-37079, lets attackers exploit a heap overflow weakness in the DCE/RPC protocol implementation of vCenter Server, a platform that lets admins manage Broadcom’s VMware ESXi hosts and virtual machines.

DCE/RPC stands for Distributed Computing Environment/Remote Procedure Calls, a protocol used in VMware vCenter Server for inter-process communication between services such as certificate management, directory services, and authentication. When attackers exploit flaws in it, the result can be RCE.

“A successful RCE on a vCenter Server is potentially more devastating than an Okta breach, as it grants attackers ‘virtual physical access’ to all servers, databases, and applications within the environment…
VMware vCenter Server bug added to CISA list of exploited vulnerabilities