{"id":181179,"date":"2026-01-24T03:09:00","date_gmt":"2026-01-24T08:09:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/01\/24\/cisa-adds-actively-exploited-vmware-vcenter-flaw-cve-2024-37079-to-kev-catalog\/"},"modified":"2026-01-24T06:00:10","modified_gmt":"2026-01-24T11:00:10","slug":"cisa-adds-actively-exploited-vmware-vcenter-flaw-cve-2024-37079-to-kev-catalog","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/01\/24\/cisa-adds-actively-exploited-vmware-vcenter-flaw-cve-2024-37079-to-kev-catalog\/","title":{"rendered":"CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/01\/cisa-adds-actively-exploited-vmware.html\">CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/01\/cisa-adds-actively-exploited-vmware.html\">https:\/\/thehackernews.com\/2026\/01\/cisa-adds-actively-exploited-vmware.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-01-24 03:09:00<\/a><\/p>\n<p>Source Domain: <a href=\"thehackernews.com\">thehackernews.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points.<br \/>\n\ue804Ravie Lakshmanan\ue802Jan 24, 2026Vulnerability \/ Enterprise Security<br \/>\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.<br \/>\nThe vulnerability in question is CVE-2024-37079 (CVSS score: 9.8), which refers to a heap overflow in the implementation of the DCE\/RPC protocol that could allow a bad actor with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.<br \/>\nIt was resolved by Broadcom in June 2024, along with CVE-2024-37080, another heap overflow in the implementation of the DCE\/RPC protocol that could lead to remote code execution. Chinese cybersecurity company QiAnXin LegendSec researchers Hao Zheng and Zibo Li were credited with discovering and reporting the issues.<\/p>\n<p>In a presentation at the Black Hat Asia security conference in April 2025, the researchers said the two flaws are part of a set of four vulnerabilities \u2013 three heap overflows and one privilege escalation \u2013 that were discovered in the DCE\/RPC service. The two other flaws, CVE-2024-38812 and CVE-2024-38813, were patched by Broadcom in September 2024.<br \/>\nIn particular, they found that one of the heap overflow vulnerabilities could be chained with the privilege escalation vulnerability (CVE-2024-38813) to achieve unauthorized remote root access and ultimately gain control over ESXi.<br \/>\nIt&#8217;s currently not known how CVE-2024-37079 is being exploited, if it&#8217;s the work of any known threat actor or group, or the scale of such attacks. However, Broadcom has since updated its advisory to officially confirm in-the-wild abuse of the vulnerability.<br \/>\n&#8220;Broadcom has information to suggest that exploitation of CVE-2024-37079 has occurred in the wild,&#8221; the company said in its update.<br \/>\nIn light of active exploitation, Federal Civilian Executive Branch (FCEB) agencies are required to update to the latest version by February 13, 2026, for optimal protection.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog https:\/\/thehackernews.com\/2026\/01\/cisa-adds-actively-exploited-vmware.html Publish Date: 2026-01-24&#8230;<\/p>\n","protected":false},"author":1,"featured_media":181180,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiAS4r1YmdF-kqL3YwcAZAYsspwp0KB3XNknsYwmjR5YrXgNy956NSjgc3-RacAnCgT56dkPCBNRZfrbw18N2JfGMkd2ZFTRIqVxdjsNe2P5akQ56kpc5nplK8KPy-9TLEDycjb2QZrBqhEL-4jEL9upEN0CAvvkJYyEdNqCPicbPScEfmTIyPleWeUCP35\/s1600-e365\/vmware.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,34,27],"class_list":["post-181179","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-threat-actor","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/181179"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=181179"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/181179\/revisions"}],"predecessor-version":[{"id":181181,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/181179\/revisions\/181181"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/181180"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=181179"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=181179"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=181179"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}