VMware released an advisory (VMSA-2024-0021) addressing a critical vulnerability in its HCX platform.
The vulnerability, CVE-2024-38814, is an authenticated SQL injection flaw that poses a significant security risk. With a CVSSv3 base score of 8.8, this issue is classified as having “Important” severity.
The vulnerability allows malicious authenticated users with non-administrator privileges to execute unauthorized remote code on the HCX manager by submitting specially crafted SQL queries.
According to the Broadcom report, the vulnerability affects multiple versions of VMware HCX, specifically version 4.10.x, 4.9.x, and 4.8.x.
Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free
VMware has promptly released patches to address this issue. Users are strongly advised to apply the updates listed in the “Fixed Version” column of the response matrix provided below:
| VMware Product | Version | CVE | CVSSv3 | Severity | Fixed Version |
| VMware HCX | 4.10.x | CVE-2024-38814 | 8.8 | Important | 4.10.1 |
| VMware HCX | 4.9.x | CVE-2024-38814 | 8.8 | Important | 4.9.2 |
| VMware HCX | 4.8.x | CVE-2024-38814 | 8.8 | Important | 4.8.3 |
No workarounds or additional documentation are available for this vulnerability, underscoring the urgency of users updating their systems immediately.
VMware has acknowledged Sina Kheirkhah (@SinSinology) of the Summoning Team (@SummoningTeam), working with Trend Micro Zero Day Initiative (ZDI), for responsibly reporting this vulnerability.
This collaboration highlights the importance of coordinated disclosure in maintaining cybersecurity.
Organizations using VMware HCX should prioritize updating their systems to fixed versions to mitigate potential exploitation risks.
Regularly reviewing security advisories and maintaining updated software versions are crucial to safeguarding against vulnerabilities such as CVE-2024-38814.
For further details, users can refer to VMware’s official advisory page and stay informed about any future updates or related security notices from VMware.
This incident reminds us of the ever-present threat landscape and the need for vigilance in cybersecurity practices across all sectors, using virtualized environments like VMware HCX.
How to Choose an ultimate Managed SIEM solution for Your Security Team -> Download Free Guide(PDF)
Cybercriminals are increasingly exploiting search engine optimization (SEO) techniques and paid advertisements to manipulate search…
Cybersecurity experts have unearthed an intricate cyber campaign that leverages deceptive websites posing as the…
Hackers are exploiting what's known as "Dangling DNS" records to take over corporate subdomains, posing…
Security researchers and cybersecurity experts have recently uncovered new variants of the notorious HelloKitty ransomware,…
The RansomHub ransomware group has emerged as a significant danger, targeting a wide array of…
Threat actors are increasingly using email bombing to bypass security protocols and facilitate further malicious…