CISA Lists Exploited VMware vCenter Vulnerability CVE-2024-37079 in KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw in Broadcom's VMware vCenter Server to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, tracked as CVE-2024-37079, was listed on the basis of evidence of active exploitation. It was originally patched in June 2024 and carries a CVSS score of 9.8.
CVE-2024-37079: The Vulnerability Details
CVE-2024-37079 is a heap overflow in vCenter Server's implementation of the DCE/RPC protocol. An attacker with network access to vCenter Server can trigger it by sending specially crafted packets and achieve remote code execution.
Background and Impact
The flaw was fixed in June 2024 together with CVE-2024-37080, another heap overflow in the same DCE/RPC implementation. Both were discovered by Hao Zheng and Zibo Li of the Chinese cybersecurity firm QiAnXin LegendSec, who presented their findings at the Black Hat Asia conference in April 2025.
- CVE-2024-37079: Heap overflow allowing remote code execution.
- CVE-2024-37080: A second heap overflow, patched at the same time.
- CVE-2024-38812 and CVE-2024-38813: Two further vulnerabilities from the same research, the latter a privilege escalation issue.
Risk of Chaining Vulnerabilities
The research team indicated that CVE-2024-37079 could be chained with the privilege escalation vulnerability CVE-2024-38813 to gain unauthorized access to, and control over, ESXi systems.
Exploitation and Mitigation
The specific method used in the wild remains unclear, but active exploitation of CVE-2024-37079 has been confirmed, and Broadcom has updated its advisory to acknowledge it. As a consequence of the KEV listing, Federal Civilian Executive Branch (FCEB) agencies are required to upgrade to the latest VMware version by February 13, 2026.
The ongoing situation emphasizes the need for vigilance in cybersecurity practices, especially concerning vulnerabilities like CVE-2024-37079.