ACCORDING to CISA, the U.S. Cybersecurity and Infrastructure Security Agency, a critical flaw in Broadcom VMware vCenter Server, CVE-2024-37079, has been added to the Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation in the wild. The vulnerability, which has a CVSS score of 9.8, involves a heap overflow in the DCE/RPC protocol that could allow a remote attacker with network access to achieve remote code execution by sending a crafted network packet.
It was patched by Broadcom in June 2024 alongside CVE-2024-37080, and Chinese researchers Hao Zheng and Zibo Li from QiAnXin LegendSec were credited with discovering and reporting these issues. Broadcom later updated its advisory to confirm in-the-wild abuse of CVE-2024-37079, and the agency has specified that Federal Civilian Executive Branch agencies must update to the latest version by 13 February 2026 for optimal protection. The advisory notes that it remains unclear who is exploiting the flaw, and whether any named threat actor or group is involved.