VMware released an advisory (VMSA-2024-0021) addressing a critical vulnerability in its HCX platform.
The vulnerability, CVE-2024-38814, is an authenticated SQL injection flaw that poses a significant security risk. With a CVSSv3 base score of 8.8, this issue is classified as having “Important” severity.
The vulnerability allows malicious authenticated users with non-administrator privileges to execute unauthorized remote code on the HCX manager by submitting specially crafted SQL queries.
According to the Broadcom report, the vulnerability affects multiple versions of VMware HCX, specifically version 4.10.x, 4.9.x, and 4.8.x.
Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free
VMware has promptly released patches to address this issue. Users are strongly advised to apply the updates listed in the “Fixed Version” column of the response matrix provided below:
| VMware Product | Version | CVE | CVSSv3 | Severity | Fixed Version |
| VMware HCX | 4.10.x | CVE-2024-38814 | 8.8 | Important | 4.10.1 |
| VMware HCX | 4.9.x | CVE-2024-38814 | 8.8 | Important | 4.9.2 |
| VMware HCX | 4.8.x | CVE-2024-38814 | 8.8 | Important | 4.8.3 |
No workarounds or additional documentation are available for this vulnerability, underscoring the urgency of users updating their systems immediately.
VMware has acknowledged Sina Kheirkhah (@SinSinology) of the Summoning Team (@SummoningTeam), working with Trend Micro Zero Day Initiative (ZDI), for responsibly reporting this vulnerability.
This collaboration highlights the importance of coordinated disclosure in maintaining cybersecurity.
Organizations using VMware HCX should prioritize updating their systems to fixed versions to mitigate potential exploitation risks.
Regularly reviewing security advisories and maintaining updated software versions are crucial to safeguarding against vulnerabilities such as CVE-2024-38814.
For further details, users can refer to VMware’s official advisory page and stay informed about any future updates or related security notices from VMware.
This incident reminds us of the ever-present threat landscape and the need for vigilance in cybersecurity practices across all sectors, using virtualized environments like VMware HCX.
How to Choose an ultimate Managed SIEM solution for Your Security Team -> Download Free Guide(PDF)
A newly identified malware, dubbed Zhong Stealer, has emerged as a significant threat to the…
In a recent development, the SPAWNCHIMERA malware family has been identified exploiting the buffer overflow…
A significant vulnerability in Sitevision CMS, versions 10.3.1 and earlier, has been identified, allowing attackers…
Chinese cybersecurity entities have accused the U.S. National Security Agency (NSA) of orchestrating a cyberattack…
The ACRStealer malware, an infostealer disguised as illegal software such as cracks and keygens, has…
A security vulnerability in Nagios XI 2024R1.2.2, tracked as CVE-2024-54961, has been disclosed, allowing unauthenticated…