Critical Vulnerabilities in VMware vCenter Server
Date: June 18, 2024
CVE: CVE-2024-37079, CVE-2024-37080, CVE-2024-37081
Vulnerability Type: Buffer Overflow, Memory Corruption
CWE: [[CWE-787]], [[CWE-416]], [[CWE-125]]
Sources: SecurityWeek, Cybersecurity News, Broadcom VMware advisory
Synopsis
Multiple critical vulnerabilities in VMware vCenter Server have been identified, potentially allowing remote code execution (RCE). These issues, detailed in VMware's security advisory VMSA-2024-0012, include CVE-2023-34048, which affects the DCE/RPC protocol implementation. The DCE/RPC (Distributed Computing Environment / Remote Procedure Call) protocol is a network protocol developed by the Open Group. It enables communication between client and server applications by allowing a program to request services from a program located on another computer within a network. DCE/RPC is based on the concept of remote procedure calls (RPC), which facilitate the execution of code on a remote system as if it were local.
Issue Summary
VMware vCenter Server, a key management component for VMware environments, contains several critical vulnerabilities. If exploited, these could allow attackers to execute arbitrary code remotely. The most critical of these, CVE-2023-34048, has been rated with a CVSS score of 9.8, indicating high severity.
Technical Key Findings
The vulnerabilities primarily involve memory corruption issues such as heap overflow and use-after-free errors in the DCE/RPC protocol. These can be exploited by sending specially crafted packets to the vCenter Server, leading to remote code execution and potential system compromise.
Vulnerable Products
- vCenter Server 8.0
- vCenter Server 7.0
- VMware Cloud Foundation versions 4.x and 5.x
**Response Matrix:
| VMware Product | Version | Running On | CVE | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
| ------------------ | ----------- | -------------- | ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------- | --------------- | ------------------------------------------------------------------------ |
| vCenter Server | 8.0 | Any | CVE-2024-37079, CVE-2024-37080, CVE-2024-37081 | 9.8, 9.8, 7.8 | Critical | 8.0 U2d | None | FAQ |
| vCenter Server | 8.0 | Any | CVE-2024-37079, CVE-2024-37080 | 9.8, 9.8 | Critical | 8.0 U1e | None | FAQ |
| vCenter Server | 7.0 | Any | CVE-2024-37079, CVE-2024-37080, CVE-2024-37081 | 9.8, 9.8, 7.8 | Critical | 7.0 U3r | None | FAQ |
**
Impacted Product Suites that Deploy Response Matrix 3a and 3b Components:
*
| VMware Product | Version | Running On | CVE | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
| --------------------------------- | ----------- | -------------- | ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------- | --------------- | ------------------------------------------------------------------------ |
| Cloud Foundation (vCenter Server) | 5.x | Any | CVE-2024-37079, CVE-2024-37080, CVE-2024-37081 | 9.8, 9.8, 7.8 | Critical | KB88287 | None | FAQ |
| Cloud Foundation (vCenter Server) | 4.x | Any | CVE-2024-37079, CVE-2024-37080, CVE-2024-37081 | 9.8, 9.8, 7.8 | Critical | KB88287 | None | FAQ |
Impact Assessment
Successful exploitation of these vulnerabilities could result in complete control over the affected systems, allowing attackers to perform any action, including data theft, service disruption, and further network compromise.
Patches or Workarounds
VMware has released patches to address these vulnerabilities. Administrators are advised to update to the fixed versions (8.0 U2d, 7.0 U3r) . There are no available workarounds.
Tags
#VMware #vCenterServer #CVE-2023-34048 #RemoteCodeExecution #PatchManagement #Cybersecurity