VMware patching of identified vCenter RCE hits snag

22 October 2024

Such a flaw — which is a heap overflow in the platform’s Distributed Computing Environment / Remote Procedure Call protocol — could be leveraged by threat actors with vCenter Server network access to facilitate code execution through a custom network packet, according to VMware, which did not provide additional information about the inadequate fix. However, VMware was able to remediate a high-severity privilege escalation issue in vCenter Server, tracked as CVE-2024-38813, with the recent update.

Source: SC Magazine

Date:

22 October 2024

Categorie(s):

NEWS

Tag(s):

IT, News, vCenter Server, Virtualization, VMware

TSMC blows whistle on potential sanctions-busting shenanigans from Huawei22 October 2024
AI chatbots can be tricked by hackers into helping them steal your private data22 October 2024
Exposed United Nations Database Left Sensitive Information Accessible Online22 October 2024
VMware fixes critical RCE, make-me-root bugs in vCenter – for the second time22 October 2024
Tech firms to pay millions in SEC penalties for misleading SolarWinds disclosures22 October 2024