Skip to content
arrow-alt-circle-up icon

Cyber Incident Call

arrow-alt-circle-up icon

00800 1744 0000

arrow-alt-circle-up icon

See all Threat Responses
On June 19th 2024, Broadcom (formerly VMware) issued a patch for a vulnerability in VMware vCenter Server tracked under CVE-2024-37079 and CVE-2024-37080 [1][2]. The vulnerabilities allow for remote code execution. We urge all recipients to install updates on vulnerable instances of vCenter Server as soon as possible.


The vulnerabilites tracked under CVE-2024-37079 and CVE-2024-37080 are in the DCERPC protocol implementation in vCenter Server. These vulnerabilities may allow a malicious actor with network access to trigger remote code execution by sending a specially crafted network packet [3]. 


An unauthenticed attacker could gain remote code execution on the vCenter Server over the network. Based on this, we estimate the impact of these vulnerabilities as high.


At the time of writing, we are not aware of any publicly availble exploits for these vulnerabilities. However, based on typical VMware vCenter Server deployments which might be connected to the Internet, we estimate the risk of these vulnerabilities as high.


Broadcom recommends installing the latest patches for the following affected products [3]:
  • vCenter Server 8.0
  • vCenter Server 7.0
  • Cloud Foundation (vCenter Server) 5.x
  • Cloud Foundation (vCenter Server) 4.x

What should you do?

Verify whether one or more of the affected VMware products is used inside your organization. We recommend installing the recommended patches for the affected VMware vCenter Server and Cloud Foundation products as soon as possible. And we strongly recommend not exposing VMware vCenter Server to untrusted users over the network, especially given the recent history of vulnerabilities in the DCERPC protocol implementation.

What will Northwave do?

Vulnerability Management customers will be informed in case vulnerable systems are detected in their infrastructure. 
We will monitor any developments regarding this vulnerability. If new critical information about this threat arises we will reach out to you. You can call us by phone or send us an email if you would like additional information.
Do you have an incident right now? Call our Incident Response Team: 00800 1744 0000


Disclaimer applies, see below.


Northwave has made every effort to make this information accurate and reliable. However, the information provided is without warranty of any kind and its use is at the sole risk of the user. Northwave does not accept any responsibility or liability for the accuracy, content, completeness, legality or reliability of the information provided. We will not be liable for any loss or damage of whatever nature, direct or indirect, consequential or other, whether arising in contract, tort or otherwise, which may arise as a result of your use of, or inability to use, this information or any additional information provided by us in direct or indirect relation to the information provided here.