• mehdi@mkvlab.at

VMSA-2024-0012 – VMware vCenter Server – Multiple Vulnerabilities

VMware has addressed three vulnerabilities in vCenter Server: CVE-2024-37079 and CVE-2024-37080, which are critical and may lead to remote code execution (RCE), and CVE-2024-37081, a local privilege escalation. Updates are available to remediate these vulnerabilities in the affected VMware products.

Impacted Products:
VMware Cloud Foundation
VMware vCenter Server

CVE-2024-37079 & CVE-2024-37080 – Heap-overflow vulnerabilities in the implementation of the DCERPC protocol in vCenter Server. Both carry the maximum CVSSv3 base score of 9.8 (critical). An attacker with only network access to vCenter Server may trigger these vulnerabilities by sending a specially crafted network packet, potentially leading to remote code execution. No authentication is required, so exposure of the vCenter Server management interface to untrusted networks is the main risk factor.

Resolution:
To remediate CVE-2024-37079 and CVE-2024-37080, apply the updates listed in the ‘Fixed Version’ column of the ‘Response Matrix’ below to affected deployments.

CVE-2024-37081 – Local privilege escalation vulnerabilities due to a misconfiguration of sudo in vCenter Server. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on the vCenter Server Appliance. The maximum CVSSv3 base score for this vulnerability is 7.8.

Resolution:
To remediate CVE-2024-37081, apply the updates listed in the ‘Fixed Version’ column of the ‘Response Matrix’ below to affected deployments.

Response Matrix:

VMware Product | Version | CVE                                            | CVSSv3        | Severity | Fixed Version | Workarounds
vCenter Server | 8.0     | CVE-2024-37079, CVE-2024-37080, CVE-2024-37081 | 9.8, 9.8, 7.8 | Critical | 8.0 U2d       | None
vCenter Server | 8.0     | CVE-2024-37079, CVE-2024-37080                 | 9.8, 9.8      | Critical | 8.0 U1e       | None
vCenter Server | 7.0     | CVE-2024-37079, CVE-2024-37080, CVE-2024-37081 | 9.8, 9.8, 7.8 | Critical | 7.0 U3r       | None

Note: the 8.0 line has two fixed versions because both the U1 and U2 update lines were still in support; 8.0 U1e fixes the U1 line and 8.0 U2d fixes the U2 line. CVE-2024-37081 is not listed for 8.0 U1e.
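The first triage step is to decide, for every vCenter deployment in an inventory, whether it already sits on a fixed version from the matrix above. The following Python script is an added example written for this page, not VMware's or Broadcom's code. It encodes the fixed versions exactly as the response matrix lists them and classifies version strings written in the same "major U<n><letter>" form. It assumes that within one update line (for example 8.0 U2) patch letters sort alphabetically, that an update line newer than any listed for its major (for example 8.0 U3) lies outside this matrix and must be checked against the vendor advisory rather than being declared safe, and that the inventory at the bottom is constructed sample data. It does not translate build numbers into update names, because that mapping is not on this page.

```python
import re
from typing import Dict, List, Tuple

# Fixed versions taken from the VMSA-2024-0012 response matrix for vCenter
# Server. 8.0 has two entries because the U1 and U2 lines were fixed separately.
FIXED_VERSIONS: Dict[str, List[str]] = {
    "7.0": ["7.0 U3r"],
    "8.0": ["8.0 U1e", "8.0 U2d"],
}

# Matches "8.0", "8.0 U2" and "8.0 U2c"; nothing else is accepted.
_VERSION_RE = re.compile(r"^\s*(\d+\.\d+)(?:\s*U(\d+)([A-Za-z])?)?\s*$")


def parse_version(text: str) -> Tuple[str, int, str]:
    """Split '8.0 U2c' into ('8.0', 2, 'c'); a bare '8.0' becomes ('8.0', 0, '')."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised vCenter version string: {text!r}")
    major, update, letter = m.group(1), m.group(2), m.group(3)
    return major, int(update) if update else 0, (letter or "").lower()


def patch_status(version: str) -> str:
    """Return 'fixed', 'vulnerable' or 'not-in-matrix' for VMSA-2024-0012.

    'not-in-matrix' is deliberately not 'fixed': a major or update line the
    matrix does not list (6.7, or 8.0 U3) has to be checked against the
    vendor advisory instead of being assumed safe.
    """
    major, update, letter = parse_version(version)
    if major not in FIXED_VERSIONS:
        return "not-in-matrix"
    # Map each fixed update line of this major to the first fixed patch letter.
    branches = {upd: ltr for _, upd, ltr in map(parse_version, FIXED_VERSIONS[major])}
    if update > max(branches):
        return "not-in-matrix"  # newer line than the matrix covers
    if update not in branches:
        return "vulnerable"  # GA or an older update line: upgrade to a fixed line
    # Same update line: the patch letter decides. '' (no letter) sorts before 'a'.
    return "fixed" if letter >= branches[update] else "vulnerable"


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Classify a {hostname: version} inventory; unparsable entries get 'unknown'."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = patch_status(version)
        except ValueError:
            result[host] = "unknown"
    return result


if __name__ == "__main__":
    # Constructed sample inventory; the hostnames and versions are not real.
    sample = {
        "vc-prod-01": "8.0 U2c",
        "vc-prod-02": "8.0 U2d",
        "vc-legacy-01": "7.0 U3q",
        "vc-lab-01": "8.0 U1e",
        "vc-lab-02": "8.0 U3",
        "vc-old-01": "6.7 U3",
    }
    for host, status in sorted(triage(sample).items()):
        print(f"{host:14} {sample[host]:9} {status}")
```

Only "fixed" should close the finding; "vulnerable" hosts need the matrix update, and "not-in-matrix" or "unknown" hosts need a manual check of the current advisory and of the actual build on the appliance.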

Impacted Product Suites that Deploy Response Matrix 3a and 3b Components:

VMware Product                   | Version | CVE                                            | CVSSv3        | Severity | Fixed Version | Workarounds
Cloud Foundation (vCenter Server) | 5.x     | CVE-2024-37079, CVE-2024-37080, CVE-2024-37081 | 9.8, 9.8, 7.8 | Critical | KB88287       | None
Cloud Foundation (vCenter Server) | 4.x     | CVE-2024-37079, CVE-2024-37080, CVE-2024-37081 | 9.8, 9.8, 7.8 | Critical | KB88287       | None

You can also check my VMware Product Release page for more information on released products, as well as release notes and download links.


Source:
Broadcom Blog Post
A supplemental FAQ for additional clarification
