A critical security flaw, CVE-2024-37079, affecting Broadcom's VMware vCenter Server has been added to the U.S. Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) catalog. This vulnerability, with a CVSS score of 9.8, is a serious concern due to its potential for remote code execution.
The flaw is a heap overflow in vCenter Server's implementation of the DCE/RPC protocol: an attacker with network access to the vCenter Server service can trigger it by sending a specially crafted packet, potentially gaining remote code execution. Broadcom patched it in June 2024 together with CVE-2024-37080, a second heap overflow in the same DCE/RPC implementation. Both issues were discovered and reported by researchers Hao Zheng and Zibo Li of the Chinese cybersecurity company QiAnXin LegendSec.
In a presentation at the Black Hat Asia security conference in 2025, the researchers disclosed that CVE-2024-37079 and CVE-2024-37080 belong to a larger set of vulnerabilities they found in the DCE/RPC service: three heap overflows and one privilege escalation vulnerability (CVE-2024-38813). They also showed that one of the heap overflows could be chained with the privilege escalation flaw to obtain remote root access on vCenter Server and, through it, control over the ESXi hosts it manages.
No details have been released about who is exploiting CVE-2024-37079 or how, but Broadcom has confirmed that it is being abused in the wild. The company's updated advisory states, "Broadcom has information to suggest that exploitation of CVE-2024-37079 has occurred." With the KEV listing, Federal Civilian Executive Branch (FCEB) agencies are required under Binding Operational Directive 22-01 to apply the fixed versions by February 13, 2026; anyone else running a network-reachable vCenter Server should treat that date as a ceiling rather than a target.
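A KEV deadline is only useful if you know which appliances are still below the fixed build. The following triage script is an added example, not code from the article or from Broadcom: it parses the version line that the appliance shell's `vpxd -v` command prints (format assumed here as `VMware VirtualCenter <version> build-<number>`), compares each host against a per-release-line minimum fixed build, and refuses to treat a host as clean when its release line is missing from the table or its output could not be parsed. The build numbers in `FIXED_BUILDS` and the inventory are constructed placeholders; take the real fixed builds for CVE-2024-37079/37080 from Broadcom's advisory (VMSA-2024-0012) before relying on the output.

```python
"""Triage vCenter Server appliances against minimum fixed builds.

Added example; not part of the original article or Broadcom's tooling.
All build numbers below are PLACEHOLDERS (assumption): replace them with
the fixed builds from Broadcom's advisory for CVE-2024-37079/37080
(VMSA-2024-0012) for each release line you run.
"""
import re
from typing import Dict, List, NamedTuple, Optional, Tuple

# Assumed format of `vpxd -v` on the vCenter Server Appliance shell, e.g.
#   VMware VirtualCenter 8.0.2 build-24002000
VPXD_RE = re.compile(r"VMware VirtualCenter (\d+\.\d+\.\d+) build-(\d+)")

# Minimum build carrying the DCE/RPC fixes, keyed by release line.
# PLACEHOLDER VALUES - see module docstring.
FIXED_BUILDS: Dict[str, int] = {
    "7.0.3": 24000000,
    "8.0.1": 24001000,
    "8.0.2": 24002000,
}


class Result(NamedTuple):
    host: str
    line: Optional[str]
    build: Optional[int]
    status: str  # "fixed", "vulnerable", "unknown-line" or "unparsed"


def parse_vpxd(output: str) -> Optional[Tuple[str, int]]:
    """Return (release_line, build) from vpxd -v output, or None."""
    m = VPXD_RE.search(output)
    if not m:
        return None
    return m.group(1), int(m.group(2))


def classify(host: str, output: str) -> Result:
    """Classify one host; anything not provably fixed needs a human."""
    parsed = parse_vpxd(output)
    if parsed is None:
        # Unreachable host, wrong command, or unexpected format: do not
        # let a collection failure look like a patched appliance.
        return Result(host, None, None, "unparsed")
    line, build = parsed
    fixed = FIXED_BUILDS.get(line)
    if fixed is None:
        # A release line absent from the table (e.g. an end-of-life
        # 8.0.0) has no fixed build at all and needs an upgrade.
        return Result(host, line, build, "unknown-line")
    return Result(host, line, build, "fixed" if build >= fixed else "vulnerable")


def triage(inventory: Dict[str, str]) -> List[Result]:
    return [classify(host, output) for host, output in inventory.items()]


def needs_action(results: List[Result]) -> List[str]:
    """Hosts that are not confirmed fixed, sorted for a ticket."""
    return sorted(r.host for r in results if r.status != "fixed")


# Constructed sample inventory: hostnames and builds are made up.
SAMPLE_INVENTORY: Dict[str, str] = {
    "vcsa-prod-01": "VMware VirtualCenter 8.0.2 build-24002000",
    "vcsa-prod-02": "VMware VirtualCenter 8.0.2 build-23000000",
    "vcsa-lab-01": "VMware VirtualCenter 7.0.3 build-24000500",
    "vcsa-old-01": "VMware VirtualCenter 8.0.0 build-22000000",
    "vcsa-down-01": "ssh: connect to host vcsa-down-01 port 22: Connection refused",
}

if __name__ == "__main__":
    for r in triage(SAMPLE_INVENTORY):
        print(f"{r.host:14} {r.line or '-':6} {str(r.build or '-'):>10} {r.status}")
    print("needs action:", ", ".join(needs_action(triage(SAMPLE_INVENTORY))))
```

Run it against the output of `vpxd -v` collected from each appliance; the point of the three non-fixed statuses is that a host only leaves the action list when its build is known and at or above the fixed build for its own release line.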
The KEV listing is a reminder of why vCenter Server deserves priority in patching: it sits in the management plane for every ESXi host it controls, and a remote code execution flaw reachable by anyone with network access to the service is worth far more to an attacker than a single compromised host. Apply the fixed versions, and restrict network access to vCenter's management ports to administrative networks so that the next DCE/RPC flaw is not exposed to the whole estate.