VMware released an advisory (VMSA-2024-0021) addressing a critical vulnerability in its HCX platform.
The vulnerability, CVE-2024-38814, is an authenticated SQL injection flaw that poses a significant security risk. With a CVSSv3 base score of 8.8, this issue is classified as having “Important” severity.
The vulnerability allows malicious authenticated users with non-administrator privileges to execute unauthorized remote code on the HCX manager by submitting specially crafted SQL queries.
According to the Broadcom report, the vulnerability affects multiple versions of VMware HCX, specifically version 4.10.x, 4.9.x, and 4.8.x.
Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free
VMware has promptly released patches to address this issue. Users are strongly advised to apply the updates listed in the “Fixed Version” column of the response matrix provided below:
| VMware Product | Version | CVE | CVSSv3 | Severity | Fixed Version |
| VMware HCX | 4.10.x | CVE-2024-38814 | 8.8 | Important | 4.10.1 |
| VMware HCX | 4.9.x | CVE-2024-38814 | 8.8 | Important | 4.9.2 |
| VMware HCX | 4.8.x | CVE-2024-38814 | 8.8 | Important | 4.8.3 |
No workarounds or additional documentation are available for this vulnerability, underscoring the urgency of users updating their systems immediately.
VMware has acknowledged Sina Kheirkhah (@SinSinology) of the Summoning Team (@SummoningTeam), working with Trend Micro Zero Day Initiative (ZDI), for responsibly reporting this vulnerability.
This collaboration highlights the importance of coordinated disclosure in maintaining cybersecurity.
Organizations using VMware HCX should prioritize updating their systems to fixed versions to mitigate potential exploitation risks.
Regularly reviewing security advisories and maintaining updated software versions are crucial to safeguarding against vulnerabilities such as CVE-2024-38814.
For further details, users can refer to VMware’s official advisory page and stay informed about any future updates or related security notices from VMware.
This incident reminds us of the ever-present threat landscape and the need for vigilance in cybersecurity practices across all sectors, using virtualized environments like VMware HCX.
How to Choose an ultimate Managed SIEM solution for Your Security Team -> Download Free Guide(PDF)
A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious actors…
SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce shoppers…
The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to malicious…
Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in 2022…
CVE-2024-52301 is a critical vulnerability identified in Laravel, a widely used PHP framework for building…
A critical vulnerability has been discovered in the popular "Really Simple Security" WordPress plugin, formerly…