VMSA-2024-0019 – VMware vCenter Server and VMware Cloud Foundation vulnerabilities
VMware has released a security advisory that addresses vulnerabilities CVE-2024-38812 and CVE-2024-38813. These vulnerabilities can allow for heap-overflow and privilege escalation attacks. VMware has published fixes for both vulnerabilities in VMware Cloud Foundation and vCenter Server.
Impacted Products:
- VMware Cloud Foundation
- VMware vCenter Server
CVE-2024-38812 | VMware vCenter Server heap-overflow vulnerability
Description:
The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. A malicious actor with network access to the vCenter Server may trigger this vulnerability by sending a specially crafted network packet, which could lead to remote code execution.
Resolution:
To remediate CVE-2024-38812, apply the updates listed in the ‘Fixed Version’ column of the ‘Response Matrix’ below to affected deployments.
CVE-2024-38813 | VMware vCenter privilege escalation vulnerability
Description:
The vCenter Server contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5. A malicious actor with network access to the vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet.
Resolution:
To remediate CVE-2024-38813, apply the updates listed in the ‘Fixed Version’ column of the ‘Response Matrix’ below to affected deployments.
Response Matrix: 3a & 3b
| VMware Product | Version | CVE | CVSSv3 | Severity | Fixed Version | Workarounds |
|---|---|---|---|---|---|---|
| VMware vCenter Server | 8.0 | CVE-2024-38812, CVE-2024-38813 | 9.8, 7.5 | Critical | 8.0 U3d [1] | None |
| VMware vCenter Server | 8.0 | CVE-2024-38812, CVE-2024-38813 | 9.8, 7.5 | Critical | 8.0 U2e | None |
| VMware vCenter Server | 7.0 | CVE-2024-38812, CVE-2024-38813 | 9.8, 7.5 | Critical | 7.0 U3t [1] | None |
| VMware Cloud Foundation | 5.x | CVE-2024-38812, CVE-2024-38813 | 9.8, 7.5 | Critical | Async patch to 8.0 U3d [1] | None |
| VMware Cloud Foundation | 5.1.x | CVE-2024-38812, CVE-2024-38813 | 9.8, 7.5 | Critical | Async patch to 8.0 U2e | None |
| VMware Cloud Foundation | 4.x | CVE-2024-38812, CVE-2024-38813 | 9.8, 7.5 | Critical | Async patch to 7.0 U3t [1] | None |
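The Response Matrix only helps if you can compare what is installed against the ‘Fixed Version’ column, and vCenter update naming (8.0 U3d is newer than 8.0 U3b, but 8.0 U3 is not covered by 8.0 U2e) makes a naive string comparison unreliable. The following Python helper is an added example, not VMware's tooling or part of the advisory; it encodes the three vCenter fixed versions from the table above (the VCF rows map to the same vCenter builds via the Async Patch Tool) and reports, per installed version, whether it is at or above the fix for its update line. The inventory at the bottom is constructed for illustration; in practice you would feed it the version strings from your own vCenter appliances.

```python
"""Compare installed vCenter Server versions against the VMSA-2024-0019
Response Matrix (added example; not VMware's code)."""
import re
from dataclasses import dataclass

# Fixed versions copied from the Response Matrix above. The VMware Cloud
# Foundation rows point at the same vCenter builds, so one list covers both.
FIXED_VERSIONS = ("8.0 U3d", "8.0 U2e", "7.0 U3t")

# Accepts "8.0", "8.0 U3" and "8.0 U3d": major.minor, optional update number
# and optional patch letter.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\s*U(\d+)([a-z])?)?$", re.IGNORECASE)


@dataclass(frozen=True, order=True)
class VcVersion:
    major: int
    minor: int
    update: int   # 0 when the release carries no update number (plain "8.0")
    letter: int   # 0 = no letter, 1 = 'a', 2 = 'b', ... so U3d > U3b > U3

    @property
    def line(self):
        """The major.minor release line, e.g. (8, 0)."""
        return (self.major, self.minor)


def parse_version(text: str) -> VcVersion:
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised vCenter version string: {text!r}")
    major, minor, update, letter = m.groups()
    letter_rank = ord(letter.lower()) - ord("a") + 1 if letter else 0
    return VcVersion(int(major), int(minor), int(update or 0), letter_rank)


def remediation_status(installed: str, fixed=FIXED_VERSIONS):
    """Return (status, target): status is 'fixed', 'vulnerable' or
    'not-in-matrix'; target is the Fixed Version to move to, or None."""
    inst = parse_version(installed)
    same_line = [(parse_version(f), f) for f in fixed]
    same_line = [(v, f) for v, f in same_line if v.line == inst.line]
    if not same_line:
        # Release line not listed in the matrix (e.g. 6.7): consult the vendor advisory.
        return "not-in-matrix", None
    same_update = [(v, f) for v, f in same_line if v.update == inst.update]
    if same_update:
        fixed_v, fixed_s = same_update[0]
        if inst.letter >= fixed_v.letter:
            return "fixed", fixed_s
        # Same update line but an older patch letter: apply that line's fix.
        return "vulnerable", fixed_s
    newest_v, newest_s = max(same_line)
    if inst.update > newest_v.update:
        # An update line newer than the advisory covers; verify against the advisory.
        return "not-in-matrix", None
    # Older update line with no fix of its own: move to the newest fixed version.
    return "vulnerable", newest_s


if __name__ == "__main__":
    # Constructed inventory for demonstration only.
    inventory = {"vc-prod-01": "8.0 U3b", "vc-prod-02": "8.0 U2e",
                 "vc-lab-01": "7.0 U3s", "vc-legacy": "6.7 U3"}
    for host, version in inventory.items():
        status, target = remediation_status(version)
        print(f"{host}: {version} -> {status}" + (f" (apply {target})" if target else ""))
```

The "not-in-matrix" outcome is deliberate: a version the table does not mention should be checked against the vendor advisory rather than silently assumed safe.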
You can also check my VMware Product Release page for more information about released products, release notes, and download links.
Change Log:
18.11.2024 – VMware by Broadcom confirmed that exploitation has occurred in the wild for CVE-2024-38812 and CVE-2024-38813
21.10.2024 – Updated Response Matrix with latest vCenter patches released on 2024-10-21 that fully address CVE-2024-38812.
Source:
Broadcom Blog Post
Applying individual product updates to VMware Cloud Foundation environments using the Async Patch Tool (AP Tool)