← ExploitWatch
HomeExploited Vulnerabilities

CVE-2024-38813 — Actively Exploited: vCenter Server (VMware)

VMware vCenter contains an improper check for dropped privileges vulnerability. This vulnerability could allow an attacker with network access to the vCenter Server to escalate privileges to root by sending a specially crafted packet.

CVE IDCVE-2024-38813
VendorVMware
ProductvCenter Server
Vulnerability nameVMware vCenter Server Privilege Escalation Vulnerability
Date added2024-11-20
Remediation due2024-12-11
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionVMware vCenter contains an improper check for dropped privileges vulnerability. This vulnerability could allow an attacker with network access to the vCenter Server to escalate privileges to root by sending a specially crafted packet.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →