Wednesday, April 23, 2025
Follow us On Linkedin
HomeCVE/vulnerabilityMultiple VMware NSX Vulnerabilities Let Attackers Gain Root Access

Multiple VMware NSX Vulnerabilities Let Attackers Gain Root Access

CVE/vulnerabilityCyber Security NewsVulnerability

Published on

By Divya
Multiple VMware NSX Vulnerabilities Let Attackers Gain Root Access

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

VMware has disclosed multiple vulnerabilities in its NSX product line that could potentially allow attackers to gain root access.

The vulnerabilities, identified as CVE-2024-38818, CVE-2024-38817, and CVE-2024-38815, affect both VMware NSX and VMware Cloud Foundation.

According to the Broadcom report, the advisory, VMSA-2024-0020, was initially published on October 9, 2024, and highlights the moderate severity of these issues with a CVSSv3 base score ranging from 4.3 to 6.7.

- Advertisement - Google News

Impacted Products

The vulnerabilities impact the following products:

  • VMware NSX
  • VMware Cloud Foundation

These products are critical components in many enterprise environments, providing network virtualization and security services.

Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free

Detailed Analysis of Vulnerabilities

Command Injection Vulnerability (CVE-2024-38817)

This vulnerability, CVE-2024-38817, involves command injection within VMware NSX. It allows a malicious actor to access the NSX Edge CLI terminal and execute arbitrary commands on the operating system as root.

This issue has a maximum CVSSv3 base score of 6.7. The vulnerability can be remediated by updating to version 4.2.1 for NSX and version 3.2.4.1 for NSX-T.

Local Privilege Escalation Vulnerability (CVE-2024-38818)

This vulnerability, CVE-2024-38818, allows an authenticated malicious actor to escalate privileges and obtain permissions from a separate group role than previously assigned. It also carries a maximum CVSSv3 base score of 6.7.

To address this vulnerability, users should update to version 4.2.1 for NSX, while Cloud Foundation users should apply an asynchronous patch.

Content Spoofing Vulnerability (CVE-2024-38815)

This vulnerability, CVE-2024-38815, allows an unauthenticated attacker to craft a URL that redirects victims to an attacker-controlled domain, potentially leading to sensitive information disclosure. It has a CVSSv3 base score of 4.3.

VMware’s recent advisory underscores the importance of timely updates and patches in maintaining cybersecurity defenses.

Organizations using affected VMware products are urged to apply the recommended updates promptly to mitigate potential risks associated with these vulnerabilities.

Upgrade Your Cybersecurity Skills With 100+ Premium Cyber Security Courses Online - Enroll Here

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Cloud

Google Cloud Composer Flaw Allows Attackers to Gain Elevated Privileges

Research disclosed a now-patched high-severity vulnerability in Google Cloud Platform’s (GCP) Cloud Composer service,...
CVE/vulnerability

Moodle Core vulnerabilities Allow Attackers to Evade Security Measures

A recent security audit has uncovered critical vulnerabilities within Moodle, the widely used open-source...
cyber security

Hackers Exploit Cloudflare Tunnel Infrastructure to Deploy Multiple Remote Access Trojans

The Sekoia TDR (Threat Detection & Research) team has reported on a sophisticated network...
cyber security

Threat Actors Leverage npm and PyPI with Impersonated Dev Tools for Credential Theft

The Socket Threat Research Team has unearthed a trio of malicious packages, two hosted...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

Register Now

More like this

Cloud

Google Cloud Composer Flaw Allows Attackers to Gain Elevated Privileges

Research disclosed a now-patched high-severity vulnerability in Google Cloud Platform’s (GCP) Cloud Composer service,...
CVE/vulnerability

Moodle Core vulnerabilities Allow Attackers to Evade Security Measures

A recent security audit has uncovered critical vulnerabilities within Moodle, the widely used open-source...
cyber security

Hackers Exploit Cloudflare Tunnel Infrastructure to Deploy Multiple Remote Access Trojans

The Sekoia TDR (Threat Detection & Research) team has reported on a sophisticated network...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2025 GBHackers On Security - All Rights Reserved