CVE-2024-37079.md
1 #### 19-09-2024 2 3 **1. Description:** 4 5 - **Brief Summary:** Allow attackers to execute arbitrary code remotely 6 - **Technical Details:** The vulnerability is due to a lack of validation of the calculated response header size used in subtraction. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted [[DCERPC]] packet to the target server. 7 - **Severity Score:** 8 - **CVSS v3.1 Base Score:** 9.8 9 - **CVSS v3.1 Vector:** CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10 - **Affected Software/Versions:** 11 - vCenter Server 7.0, 8.0 12 - VMware Cloud Foundation 4.x, 5.x 13 14 **2. Related Information:** 15 16 - **CWE:** [CWE-787](http://cwe.mitre.org/data/definitions/787.html) 17 18 **3. Vulnerability Analysis:** 19 20 - **Impact:** 21 - Remote Code Execution (RCE) 22 - **Remediation:** Install patch 23 24 **4. References:** 25 26 - **Official CVE Entry:** [Yes](https://nvd.nist.gov/vuln/detail/CVE-2024-37079) 27 - **Vendor Advisory:** 28 - [The Hacker News](https://thehackernews.com/2024/09/patch-issued-for-critical-vmware.html) 29 - [Vulcan](https://vulcan.io/blog/how-to-fix-cve-2024-37079-cve-2024-37080-in-vmware-vcenter-server/) 30 - [Zero Day Initiative](https://www.zerodayinitiative.com/blog/2024/8/27/cve-2024-37079-vmware-vcenter-server-integer-underflow-code-execution-vulnerability) 31 - [CVE](https://www.cve.news/cve-2024-37079/) 32 - **Other Relevant Resources:** 33 - **POC**: [Yes](https://www.cve.news/cve-2024-37079/) 34 35 **5. Notes (Optional):** 36 37 - **Additional Information:** 38 - **Timeline:**