
Voice from the SOC: VMware/Broadcom critical vulnerability alert

What is the vulnerability? 

Broadcom have published details of a critical security vulnerability that affects ‘VMware vCenter Server’ and ‘VMware Cloud Foundation’. It has been elevated to the ‘critical severity range’, with a maximum CVSSv3 score of 9.8.

What is the risk? 

A malicious actor with network access to vCenter Server may trigger heap-overflow and privilege escalation vulnerabilities by sending a specially crafted network packet, potentially leading to remote code execution.

Who does it affect? 

Affected products are: 

  • VMware vCenter Server
  • VMware Cloud Foundation

Resolution 

Updates can be applied to affected products. It is recommended these are applied at the earliest convenience. Full details are listed in this article: https://core.vmware.com/resource/vmsa-2024-0012-questions-answers 

Need assistance? 

Proact can provide an urgent patching service for affected products. To request assistance, please email servicedesk@proact.co.uk or call +44 844 248 8020.
