
Voice from the SOC: VMware/Broadcom critical vulnerability alert

What is the vulnerability? 

Broadcom have published a critical security vulnerability that affects ‘VMware vCenter Server’ and ‘VMware Cloud Foundation’. It has been elevated to the ‘critical severity range’, with a maximum CVSSv3 score of 9.8.

What is the risk? 

A malicious actor with network access to vCenter Server may trigger heap-overflow and privilege escalation vulnerabilities by sending a specially crafted network packet, potentially leading to remote code execution.

Who does it affect? 

Affected products are: 

  • VMware vCenter Server
  • VMware Cloud Foundation


Updates can be applied to affected products. It is recommended these are applied at the earliest convenience. Full details are listed in this article: 

Need assistance? 

Proact can provide an urgent patching service to affected products. To request assistance, please email or call +44 844 248 8020

