CVE-2024-38812CISA KEVEPSS p98.9%

CVE-2024-38812VMware vCenter Server Heap-Based Buffer Overflow Vulnerability

VMware / vCenter Server

Description

VMware vCenter Server contains a heap-based buffer overflow vulnerability in the implementation of the DCERPC protocol. This vulnerability could allow an attacker with network access to the vCenter Server to execute remote code by sending a specially crafted packet.

Scoring

EPSS53.48% probability of exploitation · percentile 98.9% · 2026-06-19T12:03:05Z

CISA KEV entry

Added to KEV: 2024-11-20

(incoming)1

TypeTargetConfidenceTier
KEVEntryVMware vCenter Server Heap-Based Buffer Overflow Vulnerabilitykev-cve-2024-388120%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
VMware vCenter Server Out-of-Bounds Write Vulnerability
CVE
Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability
CVE
VMware vCenter Server Privilege Escalation Vulnerability
CVE
VMware vCenter Server Remote Code Execution Vulnerability
CVE
CVE-2025-41238
CVE
VMware vCenter Server Improper Input Validation Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.