PULSE
EN VIVO22señales / 24h
FEED
ransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Services
← Todos los CVEs
CVE Watch

CVE-2024-38813

VMware vCenter Server Privilege Escalation Vulnerability

CVSS

Sin CVSS

EPSS

16.7%

p97

KEV

20 nov 2024

Exploit Today

79

0-100

Publicado: · Última mod.:

EPSS · 30d
16.7%EPSS · 30 días16.7%
2026-06-302026-07-16
Ficha del catálogo KEV

Producto

VMware / vCenter Server

Vulnerabilidad

VMware vCenter Server Privilege Escalation Vulnerability

Añadido a KEV

20 nov 2024

Remediar antes de

11 dic 2024

Uso conocido en ransomware

No

Descripción resumida

VMware vCenter contains an improper check for dropped privileges vulnerability. This vulnerability could allow an attacker with network access to the vCenter Server to escalate privileges to root by sending a specially crafted packet.

Acción requerida

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Notas

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968 ; https://nvd.nist.gov/vuln/detail/CVE-2024-38813

CVEs relacionados
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2021-21985
100.0%
KEV80VMware vCenter Server Improper Input Validation Vulnerability
CVE-2021-22005
100.0%
KEV80VMware vCenter Server File Upload Vulnerability
CVE-2023-34048
99.9%
KEV80VMware vCenter Server Out-of-Bounds Write Vulnerability
CVE-2021-21972
99.9%
KEV80VMware vCenter Server Remote Code Execution Vulnerability
CVE-2020-3952
99.8%
KEV80VMware vCenter Server Information Disclosure Vulnerability
CVE-2024-38812
98.9%
KEV80VMware vCenter Server Heap-Based Buffer Overflow Vulnerability