CVE-2024-37079CISA KEVEPSS p97.4%

CVE-2024-37079Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability

Broadcom / VMware vCenter Server

Description

Broadcom VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. This could allow a malicious actor with network access to vCenter Server to send specially crafted network packets, potentially leading to remote code execution.

Scoring

EPSS22.38% probability of exploitation · percentile 97.4% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2026-01-23

(incoming)1

TypeTargetConfidenceTier
KEVEntryBroadcom VMware vCenter Server Out-of-bounds Write Vulnerabilitykev-cve-2024-370790%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
VMware vCenter Server Out-of-Bounds Write Vulnerability
CVE
VMware vCenter Server Heap-Based Buffer Overflow Vulnerability
CVE
VMware vCenter Server Remote Code Execution Vulnerability
CVE
VMware vCenter Server Privilege Escalation Vulnerability
CVE
VMware vCenter Server Incorrect Default File Permissions Vulnerability
CVE
CVE-2025-41237
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.