The vulnerability is a stack overflow in the DCERPC (distributed computing environment / remote procedure call) protocol implementation on vCenter Server. An attacker with network access to the vCenter server could launch themselves by sending a specially crafted network packet, which could lead to remote code execution. This is why the vulnerability is very dangerous and is rated with a CVSS severity rating of 9.8/10.
Hackers from China discovered the vulnerability
When the first patch was released in September 2024, VMware said that the discovery of these problems came from research teams participating in the 2024 Matrix Cup, a hacking competition in China that uncovers zero days in major operating system platforms, smartphones, business software, browsers and security products. .
The Matrix Cup competition takes place in June 2024 and is sponsored by Chinese internet security company Qihoo 360 and Beijing Huayun’an Information Technology.
Source link