CISA says critical VMware RCE flaw now actively exploited
ID: 881ed016-a27f-52e7-a4e7-cf9c9bcfb6ad
STIX ID: report--881ed016-a27f-52e7-a4e7-cf9c9bcfb6ad
Feed Name: Bleeping Computer
Threat Score
CISA and Broadcom warn that CVE-2024-37079, a heap overflow in VMware vCenter's DCERPC implementation allowing unauthenticated remote code execution, is actively exploited in the wild; agencies must apply Broadcom's patches immediately because no workarounds exist and federal systems were given three weeks to remediate under BOD 22-01.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.