A critical security alert has been issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), highlighting a serious vulnerability in Broadcom's VMware vCenter Server. This flaw, known as CVE-2024-37079, has a CVSS score of 9.8, indicating its high severity. The vulnerability allows remote code execution, a serious issue that could lead to unauthorized access and control over affected systems.
The flaw was discovered by researchers Hao Zheng and Zibo Li from the Chinese cybersecurity firm QiAnXin LegendSec. They presented their findings at the Black Hat Asia conference in 2025, revealing a set of four vulnerabilities in the DCE/RPC service. These included three heap overflows and one privilege escalation issue. The researchers demonstrated how one of the heap overflow vulnerabilities could be exploited in conjunction with the privilege escalation flaw (CVE-2024-38813) to gain unauthorized remote root access and control over ESXi.
What's concerning is the active exploitation of CVE-2024-37079 in the wild. While the exact scale and nature of these attacks remain unknown, Broadcom has confirmed that the vulnerability is being abused. This has prompted CISA to add the flaw to its Known Exploited Vulnerabilities (KEV) catalog, urging Federal Civilian Executive Branch (FCEB) agencies to update to the latest version by February 13, 2026, to ensure optimal protection.
The details of this vulnerability and its exploitation are a stark reminder of the ever-present threat landscape. It's a complex issue, but understanding these vulnerabilities is crucial for maintaining the security of our digital infrastructure. As we navigate these challenges, it's important to stay informed and proactive in our cybersecurity practices.
And here's the twist: despite the severity of this vulnerability, there's still much we don't know about its exploitation. Who is behind these attacks? What is the true scale of the threat? These questions remain unanswered, leaving a sense of uncertainty. But one thing is clear: the need for robust cybersecurity measures has never been more apparent.
What are your thoughts on this critical security flaw and its implications? Feel free to share your insights and join the discussion in the comments below!
