VMware vCenter Server Vulnerabilities Actively Exploited
Critical RCE bug in VMware vCenter Server now exploited in attacks.

Broadcom has issued a warning that two vulnerabilities in VMware vCenter Server are being actively exploited, including a critical remote code execution (RCE) flaw (CVE-2024-38812) identified during a hacking contest. This vulnerability, stemming from a heap overflow in the DCE/RPC protocol, affects products like VMware vSphere and VMware Cloud Foundation. The second flaw, a privilege escalation vulnerability (CVE-2024-38813), allows attackers to gain root access through specially crafted network packets.

Although security updates were released in September, Broadcom has advised that the initial patch for CVE-2024-38812 was insufficient and urged administrators to apply the latest updates immediately, as no workarounds are available.