vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
An attacker with network access to vCenter Server can send a specially crafted network packet that triggers a heap overflow during DCERPC protocol processing. A write error outside buffer boundaries (CWE-787) can lead to hijacking control of the process execution flow. As a result, remote execution of arbitrary code (RCE) is possible without the need for any privileges or user interaction.
An attacker can gain the ability to execute code remotely on the vCenter Server, which in practice means complete takeover of control over the virtual infrastructure management environment.
Patches available from the vendor should be applied according to the references — detailed information about patched versions can be found in the Broadcom bulletin: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453
VMware vCenter Server and VMware Cloud Foundation — versions indicated in the vendor's references (Broadcom advisory number 24453)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HVMware Cloud Foundation
APPVmware4.0 – 5.2 (bez)VMware Vcenter Server
APPVmware7.08.0
CISA KEV — detailsi
- Vendori
- Broadcom
- Producti
- VMware vCenter Server
- Added to KEVi
- January 23, 2026
- Remediation deadline (US Federal)i
- February 13, 2026(overdue)
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Broadcom VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. This could allow a malicious actor with network access to vCenter Server to send specially crafted network packets, potentially leading to remote code execution.
Related vulnerabilities
VMware ESXi/Workstation: TOCTOU umożliwia ucieczkę z VM przez VMX process
VMware vCenter Server — heap-overflow w DCERPC umożliwia RCE
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A m...
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-s...
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor...