HomeVulnerabilityVMware patches security vulnerability twice

VMware patches security vulnerability twice

The vulnerability is a heap overflow within the implementation of the DCERPC (distributed computing atmosphere / distant process name) protocol in vCenter Server. An attacker with community entry to vCenter server can set off them by sending a specifically crafted community packet, which might then result in a distant code execution. That’s why the vulnerability is so harmful and is rated with a CVSS severity ranking of 9.8/10.

Hackers from China discovered the vulnerability

When the primary patch was launched in September 2024, VMware attributed the invention of the problems to analysis groups taking part within the 2024 Matrix Cup, a hacking competitors in China that uncovers zero-days in main working system platforms, smartphones, enterprise software program, browsers and security merchandise.

The Matrix Cup competitors befell in June 2024 and is sponsored by Chinese language cybersecurity agency Qihoo 360 and Beijing Huayun’an Data Know-how.

See also  FBI warns towards cloud credential-stealing Androxgh0st botnet
- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular