Identified - Pulsant Cyber Security are aware of Critical Vulnerabilities impacting VMware vCenter Server and VMware Cloud Foundation. These include a heap-overflow vulnerability (CVE-2024-38812) with a CVSSv3 score of 9.8, and a privilege escalation vulnerability (CVE-2024-38813) with a CVSSv3 score of 7.5. Exploitation of these vulnerabilities has been observed in the wild.

Impacted Products:
VMware vCenter Server (versions 7.0, 8.0)
VMware Cloud Foundation (versions 4.x, 5.x, 5.1.x)
Vulnerability Details:
Heap-overflow vulnerability in vCenter Server (CVE-2024-38812):

Severity: Critical (CVSSv3 9.8)
Description: This vulnerability in the DCERPC protocol allows remote code execution when an attacker with network access sends a specially crafted packet to vCenter Server.
Resolution: Immediate application of the latest patches from the "Response Documentation" is essential.
Privilege escalation vulnerability in vCenter Server (CVE-2024-38813):

Severity: Important (CVSSv3 7.5)
Description: This vulnerability can enable an attacker to escalate privileges to root by sending a specially crafted packet to vCenter Server.
Resolution: Application of the latest patches from the "Response Documentation" is required to remediate this issue.

Response Documentation : https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968

Nov 19, 2024 - 10:06 GMT

About This Site

We are the UK’s leading colocation and cloud infrastructure provider.

We provide colocation and cloud infrastructure services from our 12 regional data centres, including integration and management of public cloud, with a core focus on availability, security and connectivity.

Business Continuity Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Asigra) Edinburgh Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Asigra) Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Asigra) Newcastle Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Asigra) Reading Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Veeam) Edinburgh Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Veeam) Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Disaster Recovery Operational
90 days ago
100.0 % uptime
Today
Data Centre Services Operational
90 days ago
99.99 % uptime
Today
Edinburgh Medway Operational
90 days ago
100.0 % uptime
Today
Edinburgh Newbridge Operational
90 days ago
100.0 % uptime
Today
Edinburgh South Gyle Operational
90 days ago
100.0 % uptime
Today
Glasgow Operational
90 days ago
100.0 % uptime
Today
Maidenhead Operational
90 days ago
100.0 % uptime
Today
Manchester Operational
90 days ago
100.0 % uptime
Today
Milton Keynes Operational
90 days ago
99.97 % uptime
Today
Newcastle Central Operational
90 days ago
100.0 % uptime
Today
Newcastle East Operational
90 days ago
100.0 % uptime
Today
Reading Operational
90 days ago
100.0 % uptime
Today
Sheffield Operational
90 days ago
100.0 % uptime
Today
South London Operational
90 days ago
100.0 % uptime
Today
Managed Cloud Operational
90 days ago
100.0 % uptime
Today
Azure Operational
90 days ago
100.0 % uptime
Today
AWS Operational
90 days ago
100.0 % uptime
Today
Cloud Storage Edinburgh Operational
90 days ago
100.0 % uptime
Today
Cloud Storage Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Cloud Storage Newcastle Central Operational
90 days ago
100.0 % uptime
Today
Cloud Storage Newcastle East Operational
90 days ago
100.0 % uptime
Today
Cloud Storage Reading Operational
90 days ago
100.0 % uptime
Today
Managed Office 365 Operational
90 days ago
100.0 % uptime
Today
Pulsant Enterprise Cloud (PEC) Edinburgh Operational
90 days ago
100.0 % uptime
Today
Pulsant Enterprise Cloud (PEC) Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Pulsant Enterprise Cloud (PEC) Newcastle Central Operational
90 days ago
100.0 % uptime
Today
Pulsant Enterprise Cloud (PEC) Newcastle East Operational
90 days ago
100.0 % uptime
Today
Pulsant Enterprise Cloud (PEC) Reading Operational
90 days ago
100.0 % uptime
Today
Cloud Desktop Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Cloud Desktop Edinburgh Operational
90 days ago
100.0 % uptime
Today
Email Security Services Operational
90 days ago
100.0 % uptime
Today
Pulsant Cloud LN-1 Croydon Operational
90 days ago
100.0 % uptime
Today
Pulsant Cloud SC-1 Edinburgh Operational
90 days ago
100.0 % uptime
Today
Pulsant Cloud NE-1 Newcastle Operational
90 days ago
100.0 % uptime
Today
Managed Networks Operational
90 days ago
100.0 % uptime
Today
Cloud Connect Operational
90 days ago
100.0 % uptime
Today
Maidenhead Operational
90 days ago
100.0 % uptime
Today
Medway Operational
90 days ago
100.0 % uptime
Today
Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Newcastle Operational
90 days ago
100.0 % uptime
Today
Newbridge Operational
90 days ago
100.0 % uptime
Today
Reading Operational
90 days ago
100.0 % uptime
Today
South Gyle Operational
90 days ago
100.0 % uptime
Today
South London Operational
90 days ago
100.0 % uptime
Today
South Yorkshire Operational
90 days ago
100.0 % uptime
Today
Leased Lines Operational