VMware fixes serious flaws in vCenter Server

Broadcom has released a pair of patches for vulnerabilities in VMware vCenter Server that an attacker with network access to the software could exploit to take full control of a system. VMware Cloud Foundation is also affected.

The first flaw, CVE-2024-38812, is a heap overflow vulnerability in the Distributed Computing Environment/Remote Procedure Calls (DCERPC) system that could be exploited over the network to achieve remote code execution on unpatched systems, since corrupting the heap can let an attacker execute arbitrary code. Broadcom rates the fix as critical, and the flaw has a CVSS score of 9.8 out of 10.

The other, CVE-2024-38813, is a privilege escalation flaw with a CVSS score of 7.5, which VMware owner Broadcom rates as important. Someone with network access to VMware's vulnerable software could exploit it to gain root privileges on the system.

We can imagine a miscreant with network access using CVE-2024-38812 to gain code execution on a box and then using CVE-2024-38813 to ascend to administrative control. This scenario is not explicitly described in the advisory, although Broadcom chose to link the two deficiencies in today's advisory and FAQ.
