The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Broadcom VMware vCenter Server vulnerability CVE-2024-37079, with a CVSS score of 9.8, to its Known Exploited Vulnerabilities catalog. The flaw is described as a set of heap-overflow issues in the DCERPC protocol that can be exploited by a remote attacker with network access to trigger remote code execution.
VMware addressed related vCenter Server flaws in June 2024, and the advisory notes that a malicious actor with network access may trigger these vulnerabilities by sending a specially crafted packet. According to the advisory, Broadcom has information to suggest that exploitation of CVE-2024-37079 has occurred in the wild. The vulnerabilities were reported by Hao Zheng and Zibo Li from the TianGong Team of Legendsec at Qi’anxin Group. CISA also states that private organisations should address the flaws, and federal agencies are required to fix the vulnerability by 13 February 2026.