{"uuid": "86e7fdd4-45b6-46ff-9a09-ff7420a624d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/securixy_kz/894", "content": "\ud83d\udd25 VMware vCenter Server RCE + PrivEsc\n\nMultiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol. They could allow a bad actor with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.\n\n\u2014 CVE-2024-37079: A heap-overflow vulnerability in the DCERPC protocol implementation of vCenter Server that allows a malicious actor with network access to send specially crafted packets, potentially leading to remote code execution. (CVSS v3.1 score: 9.8 \"critical\");\n\n\u2014 CVE-2024-37080: Another heap overflow vulnerability in the DCERPC protocol of vCenter Server. Similar to CVE-2024-37079, it allows an attacker with network access to exploit heap overflow by sending crafted packets, potentially resulting in remote code execution. (CVSS v3.1 score: 9.8 \"critical\");\n\n\u2014 CVE-2024-37081: This vulnerability arises from a misconfiguration of sudo in vCenter Server, permitting an authenticated local user to exploit this flaw to elevate their privileges to root on the vCenter Server Appliance. (CVSS v3.1 score: 7.8 \"high\").\n\nNuclei Template (PoC):\n\ud83d\udd17 https://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a\n\nShodan\nproduct:\"VMware vCenter Server\"\nFOFA\napp=\"vmware-vCenter\"\n\n#vmware #vcenter #rce #lpe #cve", "creation_timestamp": "2026-07-13T01:00:08.565333Z"}