VMware released an advisory (VMSA-2024-0021) addressing a critical vulnerability in its HCX platform.
The vulnerability, CVE-2024-38814, is an authenticated SQL injection flaw that poses a significant security risk. With a CVSSv3 base score of 8.8, this issue is classified as having “Important” severity.
The vulnerability allows malicious authenticated users with non-administrator privileges to execute unauthorized remote code on the HCX manager by submitting specially crafted SQL queries.
According to the Broadcom report, the vulnerability affects multiple versions of VMware HCX, specifically version 4.10.x, 4.9.x, and 4.8.x.
Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free
VMware has promptly released patches to address this issue. Users are strongly advised to apply the updates listed in the “Fixed Version” column of the response matrix provided below:
| VMware Product | Version | CVE | CVSSv3 | Severity | Fixed Version |
| VMware HCX | 4.10.x | CVE-2024-38814 | 8.8 | Important | 4.10.1 |
| VMware HCX | 4.9.x | CVE-2024-38814 | 8.8 | Important | 4.9.2 |
| VMware HCX | 4.8.x | CVE-2024-38814 | 8.8 | Important | 4.8.3 |
No workarounds or additional documentation are available for this vulnerability, underscoring the urgency of users updating their systems immediately.
VMware has acknowledged Sina Kheirkhah (@SinSinology) of the Summoning Team (@SummoningTeam), working with Trend Micro Zero Day Initiative (ZDI), for responsibly reporting this vulnerability.
This collaboration highlights the importance of coordinated disclosure in maintaining cybersecurity.
Organizations using VMware HCX should prioritize updating their systems to fixed versions to mitigate potential exploitation risks.
Regularly reviewing security advisories and maintaining updated software versions are crucial to safeguarding against vulnerabilities such as CVE-2024-38814.
For further details, users can refer to VMware’s official advisory page and stay informed about any future updates or related security notices from VMware.
This incident reminds us of the ever-present threat landscape and the need for vigilance in cybersecurity practices across all sectors, using virtualized environments like VMware HCX.
How to Choose an ultimate Managed SIEM solution for Your Security Team -> Download Free Guide(PDF)
The VIPKeyLogger infostealer, exhibiting similarities to the Snake Keylogger, is actively circulating through phishing campaigns. …
INTERPOL has called for the term "romance baiting" to replace "pig butchering," a phrase widely…
Cybersecurity experts are sounding the alarm over a new strain of malware dubbed "I2PRAT," which…
A new cyber campaign by the advanced persistent threat (APT) group Earth Koshchei has brought…
Recent research has linked a series of cyberattacks to The Mask group, as one notable…
RiseLoader, a new malware family discovered in October 2024, leverages a custom TCP-based binary protocol…