Note: This Emerging Threat is also published in the new Fortra Security & Trust Center - the new location for all Emerging Threats beginning in January 2025. Refer to Emerging Threats Moving to Fortra.com for more information on following Emerging Threats in their new location.
Fortra is actively researching critical vulnerabilities in VMware vCenter Server – CVE-2024-38812 and CVE-2024-38813. By exploiting these vulnerabilities, a malicious actor with network access to vCenter Server could send specially crafted network packets to achieve remote code execution and escalation of privileges.
These vulnerabilities were initially published on September 17, 2024, and announced via advisory VMSA-2024-0019. However, after further research, VMware determined that the patches did not fully address CVE-2024-38812 and released VMSA-2024-0019.2 with new updates to address these issues fully. Customers are strongly encouraged to apply the new patches (listed below), even if the patches from the initial advisory have already been applied.
Who is affected?
Customers using the following products and versions are affected by these vulnerabilities.
- VMware vCenter Server 7.0 and 8.0
- VMware Cloud Foundation 4.x, 5.x, and 5.1.x
What can I do?
Broadcom has released patches to address these vulnerabilities. Customers should apply the patch that matches their product and version, listed below, as soon as possible.
- VMware vCenter Server 8.0 - U3d
- VMware vCenter Server 8.0 - U2e
- VMware vCenter Server 7.0 - U3t
- VMware Cloud Foundation 4.x - Async patch to 7.0 U3t
- VMware Cloud Foundation 5.x - Async patch to 8.0 U3d
- VMware Cloud Foundation 5.1.x - Async patch to 8.0 U2e
For more information on the vulnerabilities and patches, refer to Broadcom’s security advisory.
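As an added triage helper (not part of the Fortra advisory or any vendor tool), the following Python encodes the patch list above and reports which hosts in an inventory still need the VMSA-2024-0019.2 updates. It works on the "X.Y Un<letter>" update-level naming used in this advisory, not on appliance build numbers, which the page does not list; the sample hostnames, their levels, and the rule that an update line newer than every fixed line already carries the fix are assumptions.

```python
import re

# Minimum patched update level per vCenter release line, as listed in the
# advisory above (VMSA-2024-0019.2). The Cloud Foundation async patches map
# onto the same three lines (4.x -> 7.0 U3t, 5.x -> 8.0 U3d, 5.1.x -> 8.0 U2e).
PATCHED_LEVELS = {
    ("7.0", 3): "t",
    ("8.0", 2): "e",
    ("8.0", 3): "d",
}

_LEVEL_RE = re.compile(r"^(\d+\.\d+)\s*U(\d+)([a-z]?)$", re.IGNORECASE)


def parse_level(level):
    """Parse a level such as '8.0 U3c' into (release, update, letter).
    The letter is '' for a base update (e.g. '7.0 U3'), which sorts below 'a'."""
    m = _LEVEL_RE.match(level.strip())
    if not m:
        raise ValueError(f"unrecognised vCenter level: {level!r}")
    return m.group(1), int(m.group(2)), m.group(3).lower()


def patch_status(level):
    """Return 'PATCH', 'OK' or 'UNKNOWN' for one vCenter update level."""
    release, update, letter = parse_level(level)
    fixed = {u: l for (r, u), l in PATCHED_LEVELS.items() if r == release}
    if not fixed:
        return "UNKNOWN"  # release line not named in the advisory; check with the vendor
    if update in fixed:
        # Same update line as a fix: compare the letter suffix ('' < 'a' < 'b' ...).
        return "PATCH" if letter < fixed[update] else "OK"
    if update < min(fixed):
        return "PATCH"  # older update line than any that received a fix (e.g. 8.0 U1)
    return "OK"  # assumption: an update line newer than all fixed ones carries the fix


def triage(inventory):
    """Map each host in a {host: level} inventory to its patch status."""
    return {host: patch_status(level) for host, level in inventory.items()}


# Constructed sample inventory: hostnames and levels are made up for illustration.
SAMPLE_INVENTORY = {
    "vcsa-prod-01": "8.0 U3c",   # PATCH: one letter short of U3d
    "vcsa-prod-02": "8.0 U3d",   # OK
    "vcsa-lab-01": "8.0 U2e",    # OK: fixed on the U2 line
    "vcsa-dr-01": "7.0 U3",      # PATCH: base U3, below U3t
    "vcsa-legacy": "6.7 U3",     # UNKNOWN: release line not in the advisory
}
```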
How is Fortra helping me?
Fortra is actively researching this threat to build detection capabilities in addition to those listed below.
Alert Logic Network IDS: Alert Logic released IDS telemetry signatures to aid in detection research.
Alert Logic Vulnerability Scanning: Alert Logic released unauthenticated scan detection for these vulnerabilities based on version detection on October 23, 2024.
Updates
Fortra has kicked off the Emerging Threats process for this vulnerability. This article will be updated with new information about this vulnerability and related security coverage as it becomes available.
10/25/2024: Alert Logic released IDS telemetry signatures to aid in detection research.
10/23/2024: Alert Logic released unauthenticated scan detection for this vulnerability based on version detection.