.. / CVE-2024-37081

Exploit for VMware vCenter Server (7.0, 8.0), VMware Cloud Foundation (4.x, 5.x) - Local Privilege Escalation (CVE-2024-37081)

Description:

The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance.

Affected Products:

Proof of Concept

PoC exploit

References:

https://nvd.nist.gov/vuln/detail/CVE-2024-37081
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453