DEV Community

Cover image for CVE-2024-37079: Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability
Freedom Coder
Freedom Coder

Posted on • Originally published at scyscan.com

CVE-2024-37079: Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability

#broadcom #vmwarevcenterserver #cybersecurity #vulnerability

CVE ID

CVE-2024-37079

Vulnerability Name

Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability

  • Project: Broadcom
  • Product: VMware vCenter Server

Date

  • Date Added: 2026-01-23
  • Due Date: 2026-02-13

Description

Broadcom VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. This could allow a malicious actor with network access to vCenter Server to send specially crafted network packets, potentially leading to remote code execution.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453 ; https://nvd.nist.gov/vuln/detail/CVE-2024-37079

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List

Top comments (0)