A critical security alert has been issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), highlighting a serious vulnerability in Broadcom's VMware vCenter Server. This vulnerability, CVE-2024-37079, has been added to CISA's Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation. With a CVSS score of 9.8, it's a serious concern for any organization using vCenter Server.
The vulnerability stems from a heap overflow in the DCE/RPC protocol implementation, allowing potential remote code execution by malicious actors with network access. This is a significant issue, as it could lead to unauthorized control over the system.
Broadcom resolved this issue, along with CVE-2024-37080, in June 2024. The discovery and reporting of these vulnerabilities are credited to researchers Hao Zheng and Zibo Li from the Chinese cybersecurity company QiAnXin LegendSec.
In a presentation at Black Hat Asia in 2025, the researchers revealed that CVE-2024-37079 is part of a set of four vulnerabilities found in the DCE/RPC service. They also discovered that this vulnerability could be chained with another, CVE-2024-38813, to gain unauthorized remote root access and control over ESXi.
The intriguing part is that we don't yet know the full extent of the exploitation. While Broadcom has confirmed wild abuse of the vulnerability, the details are still emerging. Who is behind these attacks, and how widespread are they? These questions remain unanswered.
Broadcom's recent advisory update officially acknowledges the in-the-wild exploitation of CVE-2024-37079. In response to this active exploitation, Federal Civilian Executive Branch (FCEB) agencies are urged to update to the latest version by February 13, 2026, to ensure optimal protection.
This critical security flaw serves as a reminder of the ever-evolving nature of cybersecurity threats. It's a complex issue, but understanding these vulnerabilities is crucial for maintaining a secure digital environment.
What are your thoughts on this recent development? Do you think organizations are doing enough to stay ahead of these threats? Feel free to share your insights and opinions in the comments below!
