CVE-2024-38812
is CVE-2024-38812real, exploitable, or a false positive? Here's the community ground truth.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
References
Published
Embed this verdict
[](https://www.truepositive.app/cve/CVE-2024-38812)<a href="https://www.truepositive.app/cve/CVE-2024-38812"><img src="https://www.truepositive.app/cve/CVE-2024-38812/badge.svg" alt="TruePositive verdict for CVE-2024-38812"></a>Live badge — updates automatically as the community verdict changes.
Community ground truth
Community verdict
3 verdictsIncludes TruePositive's curated baseline from public sources — community verdicts accrue on top.
Pick your verdict — we'll save it right after a quick sign-in.
In line with its CVSS base score.
Field notes & remediation
Verdicts are the quick signal — notes are the evidence and fixes behind them.
- 0
VMware vCenter Server Heap-Based Buffer Overflow Vulnerability — VMware vCenter Server contains a heap-based buffer overflow vulnerability in the implementation of the DCERPC protocol. This vulnerability could allow an attacker with network access to the vCenter Server to execute remote code by sending a specially crafted packet. Listed in the CISA KEV catalog (added 2024-11-20) — confirmed exploited in the wild, not theoretical. FIRST EPSS puts the chance of exploitation in the next 30 days at ~53%. Treat it as real and prioritize remediation over triage.
- 0
Required action for VMware vCenter Server: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. CISA set a federal remediation due date of 2024-12-11. After patching, verify the vulnerable path is no longer reachable before closing the finding.
Related CVEs
Same weakness — CWE-122.
- CVE-2021-21017CVSS 8.8KEVEPSS 86%
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
- CVE-2023-27997CVSS 9.8KEVEPSS 86%
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
- CVE-2023-4911CVSS 7.8KEVEPSS 79%
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
- CVE-2022-26318CVSS 9.8KEVEPSS 78%
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
- CVE-2023-28252CVSS 7.8KEVEPSS 49%
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- CVE-2023-23376CVSS 7.8KEVEPSS 11%
Windows Common Log File System Driver Elevation of Privilege Vulnerability