CVE-2024-37079 | Broadcom | Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability | 2026-01-23 | Broadcom VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. This could allow a malicious actor with network access to vCenter Server to send specially crafted network packets, potentially leading to remote code execution. | Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | 2026-02-13 |
확인 시간 : 2026-01-24 06:15
KISA 보안취약점 정보포털 진흥원 : 취약점 정보 공유 > 보안공지
[게시판] https://knvd.krcert.or.kr/securityNotice.do
[게시글] https://knvd.krcert.or.kr/detailSecNo.do?IDX=6671
제목 : 美 CISA 발표 주요 Exploit 정보공유(Update. 2026-01-23)
현재 자주 악용되고 있는 취약점 목록으로, 취약한 버전의 SW를 사용 중인 경우 긴급 패치를 권고 드립니다.
* 참조 링크 : https://www.cisa.gov/known-exploited-vulnerabilities-catalog
cveID
vendorProject
vulnerabilityName
dateAdded
shortDescription
requiredAction
dueDate
CVE-2024-37079
Broadcom
Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability
2026-01-23
Broadcom VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. This could allow a malicious actor with network access to vCenter Server to send specially crafted network packets, potentially leading to remote code execution.
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
2026-02-13
출처 사이트 : https://www.cisa.gov/known-exploited-vulnerabilities-catalog