VMware Product Security Update Advisory (CVE-2024-38812, CVE-2024-38813)

VMware released an update addressing two vCenter Server vulnerabilities (CVE-2024-38812 and CVE-2024-38813): a DCERPC heap overflow and a remotely exploitable privilege-escalation flaw. Affected versions include vCenter Server 8.0 and 7.0 and VMware Cloud Foundation 4.x/5.x; vendor-provided patches (e.g., 8.0 U3b, 7.0 U3) are available with guidance in VMSA-2024-0019.